===================== = End-of-Day report = =====================

Timeframe: Donnerstag 26-07-2018 18:00 − Freitag 27-07-2018 18:00 Handler: Robert Waldner Co-Handler: Alexander Riepl

===================== = News = =====================

∗∗∗ Häftlinge erhacken sich Guthaben im Wert von 225.000 Dollar ∗∗∗ --------------------------------------------- Durch Austricksen eines Tablet-Systems haben sich US-Häftlinge Guthaben für Digitalkonsum verschafft. --------------------------------------------- https://futurezone.at/digital-life/haeftlinge-erhacken-sich-guthaben-im-wert...

∗∗∗ NetSpectre liest RAM via Netzwerk aus ∗∗∗ --------------------------------------------- NetSpectre greift ohne ausführbaren Schadcode an – zwar fließen nur wenige Bytes pro Stunde, aber ungeschützte Server und Storage-Systeme sind angreifbar. --------------------------------------------- http://heise.de/-4121831

∗∗∗ State Govts. Warned of Malware-Laden CD Sent Via Snail Mail from China ∗∗∗ --------------------------------------------- Heres a timely reminder that email isnt the only vector for phishing attacks: Several U.S. state and local government agencies have reported receiving strange letters via snail mail that include malware-laden compact discs (CDs) apparently sent from China, KrebsOnSecurity has learned. This particular ruse, while crude and simplistic, preys on the curiosity .. --------------------------------------------- https://krebsonsecurity.com/2018/07/state-govts-warned-of-malware-laden-cd-s...

===================== = Vulnerabilities = =====================

∗∗∗ Bugtraq: [CORE-2018-0009] - SoftNAS Cloud OS Command Injection ∗∗∗ --------------------------------------------- http://www.securityfocus.com/archive/1/542187

∗∗∗ Vuln: Apache Kafka CVE-2017-12610 User Impersonation Vulnerability ∗∗∗ --------------------------------------------- http://www.securityfocus.com/bid/104899