=====================
= End-of-Day report =
=====================
Timeframe: Thursday 10-08-2017 18:00 − Friday 11-08-2017 18:00
Handler: Alexander Riepl
Co-Handler:
=====================
= News =
=====================
∗∗∗ Git and Co: Malicious Code Repositories Can Attack the Client ∗∗∗
---------------------------------------------
Using specially crafted SSH URLs, an attacker can execute code in the client tools of source code management systems. The flaw affects practically all widely used source code management systems, such as Git, Subversion, Mercurial and CVS.
---------------------------------------------
https://www.golem.de/news/git-und-co-boesartige-code-repositories-koennen-client-angreifen-1708-129441.html
∗∗∗ Ukrainian Video-Blogger Arrested For Spreading Petya (NotPetya) Ransomware ∗∗∗
---------------------------------------------
Ukrainian authorities have arrested a 51-year-old man accused of distributing the infamous Petya ransomware (Petya.A, also known as NotPetya) — the same computer virus that massively hit numerous businesses, organisations and banks in Ukraine ..
---------------------------------------------
https://thehackernews.com/2017/08/ukraine-petya-ransomware-hacker.html
∗∗∗ Russia's Fancy Bear Hackers Used Leaked NSA Tool "Eternal Blue" to Target Hotel Guests ∗∗∗
---------------------------------------------
The same hackers who hit the DNC and the Clinton campaign are now apparently spying on high-value travelers via Wi-Fi
---------------------------------------------
https://www.wired.com/story/fancy-bear-hotel-hack
∗∗∗ Secure Passwords: Many of the Conventional Security Rules Achieve Nothing ∗∗∗
---------------------------------------------
Passwords need special characters, upper and lower case, digits, and must be changed often: many of these rules do not increase security but often have the opposite effect. The author of these rules now regrets them.
---------------------------------------------
https://heise.de/-3797935
∗∗∗ "Game of Thrones": HBO Wanted to Pay Hackers 250,000 Dollars in Ransom ∗∗∗
---------------------------------------------
Apparently just a stalling tactic. Criminals: promises were broken
---------------------------------------------
http://derstandard.at/2000062546236
∗∗∗ School Student Uncovers Google Vulnerability, Pockets 10,000 Dollars ∗∗∗
---------------------------------------------
Bug bounty program brings a school student from Uruguay an unexpected windfall
---------------------------------------------
http://derstandard.at/2000062559352
=====================
= Advisories =
=====================
∗∗∗ DSA-3929 libsoup2.4 - security update ∗∗∗
---------------------------------------------
Aleksandar Nikolic of Cisco Talos discovered a stack-based buffer overflow vulnerability in libsoup2.4, a HTTP library implementation in C. A remote attacker can take advantage of this flaw by sending a specially crafted HTTP request to cause an application using ..
---------------------------------------------
https://www.debian.org/security/2017/dsa-3929
∗∗∗ DSA-3934 git - security update ∗∗∗
---------------------------------------------
Joern Schneeweisz discovered that git, a distributed revision control system, did not correctly handle maliciously constructed ssh:// URLs. This allowed an attacker to run ..
---------------------------------------------
https://www.debian.org/security/2017/dsa-3934
∗∗∗ SIMPlight SCADA Software ∗∗∗
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-17-222-01
∗∗∗ Solar Controls Heating Control Downloader (HCDownloader) ∗∗∗
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-17-222-02
∗∗∗ Solar Controls WATTConfig M Software ∗∗∗
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-17-222-03
∗∗∗ Fuji Electric Monitouch V-SFT ∗∗∗
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-17-222-04
∗∗∗ Symantec Messaging Gateway RCE and CSRF ∗∗∗
---------------------------------------------
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2017&suid=20170810_00