=====================
= End-of-Day report =
=====================
Timeframe: Wednesday 16-08-2017 18:00 − Thursday 17-08-2017 18:00
Handler: Stephan Richter
Co-Handler: n/a
=====================
= News =
=====================
∗∗∗ Banking Trojans Set Their Sights on Taxi and Ride-Hailing Apps ∗∗∗ --------------------------------------------- It was to be expected that Android banking trojan operators would eventually set their sights on ride-hailing applications, considering that these apps work with a user's financial data on a daily basis. [...] --------------------------------------------- https://www.bleepingcomputer.com/news/security/banking-trojans-set-their-sig...
∗∗∗ Ransomware: Locky returns once again ∗∗∗ --------------------------------------------- Locky, a well-known ransomware, is back after an absence of several months, with the file extensions Diablo6 and Lukitus. New versions keep appearing, presumably rented by criminals for extortion purposes. (Malware, Virus) --------------------------------------------- https://www.golem.de/news/ransomware-locky-kehrt-erneut-zurueck-1708-129539-...
∗∗∗ NotPetya: Maersk expects losses of up to 300 million dollars ∗∗∗ --------------------------------------------- Container terminals stood still, ships could be neither unloaded nor loaded: for several weeks the trojan kept the Danish mega-corporation Maersk on edge. The shipping line Maersk Line and the port operator APM Terminals were hit hard. --------------------------------------------- https://heise.de/-3804688
∗∗∗ Phone replacement parts can smuggle in malware ∗∗∗ --------------------------------------------- Attackers could use replacement parts to smuggle malware into smartphones unnoticed. So far there are no detection methods, let alone defensive measures, warn Israeli security researchers. --------------------------------------------- https://heise.de/-3804758
∗∗∗ Security updates: Attackers could remodel Drupal websites a little ∗∗∗ --------------------------------------------- Drupal users should promptly install the current versions. In these, the developers have closed several security vulnerabilities. --------------------------------------------- https://heise.de/-3805042
∗∗∗ iMessage: New scam attempt is making the rounds ∗∗∗ --------------------------------------------- Users are currently receiving messages with links that push them to enter personal data. The messages purportedly come from Apple. --------------------------------------------- https://heise.de/-3804878
=====================
= Advisories =
=====================
∗∗∗ DSA-3944 mariadb-10.0 - security update ∗∗∗ --------------------------------------------- Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.0.32. Please see the MariaDB 10.0 Release Notes for further details: --------------------------------------------- https://www.debian.org/security/2017/dsa-3944
∗∗∗ Drupal Core - Multiple Vulnerabilities - SA-CORE-2017-004 ∗∗∗ --------------------------------------------- Drupal 8.3.7 is a maintenance release which contains fixes for security vulnerabilities. Download Drupal 8.3.7. Updating your existing Drupal 8 sites is strongly recommended (see instructions for Drupal 8). This release fixes security issues only; there are no new features nor non-security-related bug fixes in this release. See the 8.3.7 release notes for details on important changes and known issues affecting this release. --------------------------------------------- https://www.drupal.org/SA-CORE-2017-004
∗∗∗ Filr 3.2.1 Update ∗∗∗ --------------------------------------------- Abstract: This update provides a number of general bug fixes for Micro Focus Filr, Search and MySQL appliances including an updated Filr 3.2.1 Desktop client. --------------------------------------------- https://download.novell.com/Download?buildid=zZ3A-xIEvO0~
∗∗∗ VU#793496: Open Shortest Path First (OSPF) protocol implementations may improperly determine LSA recency ∗∗∗ --------------------------------------------- http://www.kb.cert.org/vuls/id/793496
∗∗∗ Entity Reference - Moderately Critical - Access Bypass - DRUPAL-SA-CONTRIB-2017-067 ∗∗∗ --------------------------------------------- https://www.drupal.org/node/2902596
∗∗∗ Views refresh - Moderately Critical - Access Bypass - DRUPAL-SA-CONTRIB-2017-069 ∗∗∗ --------------------------------------------- https://www.drupal.org/node/2902606
∗∗∗ Views - Moderately Critical - Access Bypass - DRUPAL-SA-CONTRIB-2017-068 ∗∗∗ --------------------------------------------- https://www.drupal.org/node/2902604
∗∗∗ Cisco Application Policy Infrastructure Controller SSH Privilege Escalation Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-...
∗∗∗ Cisco TelePresence Video Communication Server Denial of Service Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-...
∗∗∗ Cisco Ultra Services Platform Deployment Configuration Information Disclosure Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-...
∗∗∗ Cisco Ultra Services Framework AutoVNF Configuration Information Disclosure Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-...
∗∗∗ Cisco Unified Communications Manager Horizontal Privilege Escalation Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-...
∗∗∗ Cisco StarOS for ASR 5000 Series Routers Privilege Escalation Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-...
∗∗∗ Cisco StarOS for ASR 5000 Series Routers FTP Configuration File Modification Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-...
∗∗∗ Cisco StarOS for ASR 5000 Series Routers Command-Line Interface Security Bypass Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-...
∗∗∗ Cisco Elastic Services Controller Sensitive Log Information Disclosure Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-...
∗∗∗ Cisco Elastic Services Controller Configuration Parameters Information Disclosure Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-...
∗∗∗ Cisco Elastic Services Controller Cross-Site Scripting Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-...
∗∗∗ Cisco Elastic Services Controller Configuration Files Information Disclosure Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-...
∗∗∗ Cisco Virtual Network Function Element Manager Arbitrary Command Execution Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-...
∗∗∗ Cisco Security Appliances SNMP Polling Information Disclosure Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-...
∗∗∗ Cisco RV340, RV345, and RV345P Dual WAN Gigabit VPN Routers Information Disclosure Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-...
∗∗∗ Cisco Policy Suite Privilege Escalation Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-...
∗∗∗ Cisco Prime Infrastructure HTML Injection Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-...
∗∗∗ Cisco AnyConnect WebLaunch Cross-Site Scripting Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-...
∗∗∗ Cisco Application Policy Infrastructure Controller Custom Binary Privilege Escalation Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-...
∗∗∗ IBM Security Bulletin: Security Vulnerabilities in Apache FOP and Apache Batik affect IBM WebSphere Portal (CVE-2017-5661, CVE-2017-5662) ∗∗∗ --------------------------------------------- http://www-01.ibm.com/support/docview.wss?uid=swg22006871