======================= = End-of-Shift report = =======================

Timeframe: Freitag 24-03-2017 18:00 − Montag 27-03-2017 18:00 Handler: Robert Waldner Co-Handler: n/a

*** SAP NetWeaver J2EE Platform Security *** --------------------------------------------- In the previous article, we discussed SAP NetWeaver ABAP Platform and its vulnerabilities. Today's topic is the J2EE platform, its architecture, vulnerabilities, and the latest trends in its cyber security. --------------------------------------------- http://resources.infosecinstitute.com/sap-netweaver-j2ee-platform-security/

*** [Update] Ungepatchte SAP-Systeme angreifbar für Remote Code Execution *** --------------------------------------------- Wenn die im Rahmen des SAP Security Patch Day im März 2017 veröffentlichten Patches nicht umgehend eingespielt werden, droht die Kompromittierung zentraler Datenbestände, warnen SAP-Kenner. --------------------------------------------- https://heise.de/-3664479

*** Amazon-Phishingmail: Rechnung über Ihre Verkäufergebühren *** --------------------------------------------- In einer angeblichen Nachricht von "Europe Amazon" erhalten Kund/innen die Information, dass ihr "Duplikat der elektronisch erzeugten Steuerrechnung" verfügbar sei. Sie können es in einem beigefügten Dokument, das den Login-Bereich von Amazon imitiert, herunterladen. Es handelt sich um einen Phishingversuch. --------------------------------------------- https://www.watchlist-internet.at/phishing/amazon-phishingmail-rechnung-uebe...

*** Detecting and mitigating elevation-of-privilege exploit for CVE-2017-0005 *** --------------------------------------------- On March 14, 2017, Microsoft released security bulletin MS17-013 to address CVE-2017-0005, a vulnerability in the Windows Win32k component that could potentially allow elevation of privileges. A report from a trusted partner identified a zero-day exploit for this vulnerability. The exploit targeted older versions of Windows and allowed attackers to elevate process privileges on these platforms. --------------------------------------------- https://blogs.technet.microsoft.com/mmpc/2017/03/27/detecting-and-mitigating...

*** IBM Security Bulletins *** --------------------------------------------- *** IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect WebSphere Dashboard Framework *** http://www-01.ibm.com/support/docview.wss?uid=swg22000663 --------------------------------------------- *** IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Web Experience Factory *** http://www-01.ibm.com/support/docview.wss?uid=swg22000643 --------------------------------------------- *** IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Process Designer used in IBM Business Process Manager and WebSphere Lombardi Edition *** http://www.ibm.com/support/docview.wss?uid=swg22000871 --------------------------------------------- *** IBM Security Bulletin: Vulnerabilities in zlib affect IBM Sterling Connect:Direct for Microsoft Windows (CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843) *** http://www.ibm.com/support/docview.wss?uid=swg22000608 --------------------------------------------- *** IBM Security Bulletin: Privilege Escalation vulnerability affects Cognos Business Intelligence (CVE-2016-8960) *** http://www-01.ibm.com/support/docview.wss?uid=swg21993718 --------------------------------------------- *** IBM Security Bulletin: Vulnerability in OpenSSL affects LCM8 & LCM16 KVM Switch Firmware and GCM16 & GCM32 KVM Switch Firmware (CVE-2016-8610) *** https://support.podc.sl.edst.ibm.com/support/home/docdisplay?lndocid=migr-50... --------------------------------------------- *** IBM Security Bulletin: Vulnerabilities in SSH affect IBM DataPower Gateways (CVE-2016-10009, CVE-2016-10012) *** http://www-01.ibm.com/support/docview.wss?uid=swg22000413&myns=swgws&... --------------------------------------------- *** IBM Security Bulletin: Vulnerabilities in OpenSSH and OpenSSL affect GPFS for Windows V3.5 *** http://www-01.ibm.com/support/docview.wss?uid=isg3T1024968 --------------------------------------------- *** IBM Security Bulletin: IBM Sterling Selling and Fulfillment Foundation is affected by Cross Site Scripting (XSS) Vulnerability (CVE-2016-8917) *** http://www.ibm.com/support/docview.wss?uid=swg22000943 --------------------------------------------- *** IBM Security Bulletin: Multiple vulnerabilities in IBM Jazz Team Server affect IBM Rational products based on IBM Jazz technology *** https://www.ibm.com/support/docview.wss?uid=swg22000784 --------------------------------------------- *** IBM Security Bulletin: Vulnerability in GSKit affects IBM Sterling Connect:Direct for UNIX (CVE-2016-2183) *** https://www-01.ibm.com/support/docview.wss?uid=swg22000927 --------------------------------------------- *** IBM Security Bulletin: Fix Available for IBM iNotes Cross-site Scripting Vulnerability (CVE-2016-9990) *** http://www-01.ibm.com/support/docview.wss?uid=swg21998824 ---------------------------------------------