[CERT-daily] Tageszusammenfassung - Freitag 8-01-2016
Daily end-of-shift report
team at cert.at
Fri Jan 8 18:12:00 CET 2016
=======================
= End-of-Shift report =
=======================
Timeframe: Donnerstag 07-01-2016 18:00 − Freitag 08-01-2016 18:00
Handler: Robert Waldner
Co-Handler: Stephan Richter
*** Upcoming Security Updates for Adobe Acrobat and Reader (APSB16-02) ***
---------------------------------------------
A prenotification Security Advisory (APSB16-02) has been posted regarding upcoming updates for Adobe Acrobat and Reader scheduled for Tuesday, January 12, 2016. We will continue to provide updates on the upcoming release via the Security Advisory as well as the...
---------------------------------------------
https://blogs.adobe.com/psirt/?p=1308
*** Android-powered smart TVs targeted by malicious apps ***
---------------------------------------------
Smart TVs running older versions of Android are being targeted by several websites offering apps containing malware, according to Trend Micro.The security vendor wrote on Thursday that it found a handful of app websites targeting people in the U.S. and Canada by offering the malicious apps.The apps are exploiting a flaw in Android that dates to 2014, showing that many smart TVs do not have the latest patches."Most smart TVs today use older versions of Android, which still contain this...
---------------------------------------------
http://www.cio.com/article/3020357/android-powered-smart-tvs-targeted-by-malicious-apps.html#tk.rss_security
*** Good news, OAuth is almost secure ***
---------------------------------------------
Boffins turn up a couple of protocol vulns in Facebooks login stanard German boffins believe there are protocol flaws in Facebooks ubiquitous OAuth protocol that render it vulnerable to attack.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2016/01/08/good_news_oauth_is_ialmosti_secure/
*** Anschlussmissbrauch durch schwerwiegende Lücke bei o2 ***
---------------------------------------------
Seit über einem Jahr versucht o2 eine Schwachstelle im DSL-Netz zu schließen, durch die man fremde VoIP-Anschlüsse kapern kann. Bisher ist das nur zum Teil gelungen.
---------------------------------------------
http://heise.de/-3066225
*** Checkpoint chaps hack whacks air-gaps flat ***
---------------------------------------------
Bought a shiny IP KVM? Uh-oh 32c3 Checkpoint malware men Yaniv Balmas and Lior Oppenheim have developed an air gap-hopping malware system that can quietly infect, plunder, and maintain persistence on networked and physically separated computers.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2016/01/08/checkpoint_chaps_hack_whacks_airgaps_flat/
*** Streaming-Dongle EZCast öffnet Hintertür ins Heimnetzwerk ***
---------------------------------------------
Sicherheitsforscher haben Schwachstellen im HDMI-Dongle EZCast entdeckt. Über die können sich Angreifer Zugang zum Heimnetzwerk des Anwenders verschaffen - unabhängig davon, wie gut das Netz sonst geschützt ist.
---------------------------------------------
http://heise.de/-3066210
*** Sicherheitspatches: VMware unterbindet Rechteausweitung ***
---------------------------------------------
VMware dichtet seine Anwendungen ESXi, Fusion, Player und Workstation ab. Die abgesicherten Versionen stehen für Linux, OS X und Windows bereit. Von der Lücke scheint aber nur Windows bedroht zu sein.
---------------------------------------------
http://www.heise.de/newsticker/meldung/Sicherheitspatches-VMware-unterbindet-Rechteausweitung-3066757.html?wt_mc=rss.ho.beitrag.rdf
*** Blocking Shodan isnt some sort of magical fix that will protect your data ***
---------------------------------------------
Earlier this week, a threat alert from Check Point singled out Shodan as a risk to enterprise operations. The advisory warns Check Point customers about the service, highlighting some of the instances where sensitive data was exposed to the public because Shodan indexed it. When asked about the advisory [archive], Ron Davidson, Head of Threat Intelligence and Research at Check Point, said the company was seeing an increase in the variety and frequency of suspect scans, "including scanners...
---------------------------------------------
http://www.csoonline.com/article/3020108/techology-business/blocking-shodan-isnt-some-sort-of-magical-fix-that-will-protect-your-data.html#tk.rss_applicationsecurity
*** Apple beseitigt gravierende QuickTime-Sicherheitslücken für Windows ***
---------------------------------------------
Angreifer können mit Hilfe einer manipulierten Videodatei Schadcode einschleusen, erklärt Apple. Das Update beseitigt die Schwachstellen in Windows 7 und Vista.
---------------------------------------------
http://heise.de/-3067145
*** Cracking Damn Insecure and Vulnerable App (DIVA) - Part 2: ***
---------------------------------------------
In the previous article, we have seen the solutions for the first two challenges. In this article we will discuss the insecure data storage vulnerabilities in DIVA.
---------------------------------------------
http://resources.infosecinstitute.com/cracking-damn-insecure-and-vulnerable-app-diva-part-2/
*** rt-sa-2015-005 ***
---------------------------------------------
o2/Telefonica Germany: ACS Discloses VoIP/SIP Credentials
---------------------------------------------
https://www.redteam-pentesting.de/advisories/rt-sa-2015-005.txt
*** VMSA-2016-0001 ***
---------------------------------------------
VMware ESXi, Fusion, Player, and Workstation updates address important guest privilege escalation vulnerability
---------------------------------------------
http://www.vmware.com/security/advisories/VMSA-2016-0001.html
*** PHP Bugs May Let Remote Users Obtain Potentially Sensitive Information, Gain Elevated Privileges, or Execute Arbitrary Code ***
---------------------------------------------
http://www.securitytracker.com/id/1034608
*** APPLE-SA-2016-01-07-1 QuickTime 7.7.9 ***
---------------------------------------------
APPLE-SA-2016-01-07-1 QuickTime 7.7.9[Re-sending with a valid signature]QuickTime 7.7.9 is now available and addresses the following:QuickTimeAvailable for: Windows 7 and Windows VistaImpact: Viewing a maliciously crafted movie file may lead to an [...]
---------------------------------------------
http://prod.lists.apple.com/archives/security-announce/2016/Jan/msg00001.html
*** DFN-CERT-2016-0001: Mozilla Firefox, Network Security Services, OpenSSL, GnuTLS: Eine Schwachstelle ermöglicht das Umgehen von Sicherheitsvorkehrungen ***
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2016-0001/
*** USN-2865-1: GnuTLS vulnerability ***
---------------------------------------------
Ubuntu Security Notice USN-2865-18th January, 2016gnutls26, gnutls28 vulnerabilityA security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.04 Ubuntu 14.04 LTS Ubuntu 12.04 LTSSummaryGnuTLS could be made to expose sensitive information over the network.Software description gnutls26 - GNU TLS library gnutls28 - GNU TLS library DetailsKarthikeyan Bhargavan and Gaetan Leurent discovered that GnuTLS incorrectlyallowed MD5 to be used for TLS 1.2 connections. If a remote...
---------------------------------------------
http://www.ubuntu.com/usn/usn-2865-1/
*** Bugtraq: [security bulletin] HPSBUX03435 SSRT102977 rev.1 - HP-UX Web Server Suite running Apache, Remote Denial of Service (DoS) ***
---------------------------------------------
http://www.securityfocus.com/archive/1/537254
*** Security Advisory: Privilege escalation vulnerability CVE-2015-7393 ***
---------------------------------------------
https://support.f5.com:443/kb/en-us/solutions/public/k/75/sol75136237.html?ref=rss
*** Security Advisory: BIG-IP AOM password sync vulnerability CVE-2015-8611 ***
---------------------------------------------
https://support.f5.com:443/kb/en-us/solutions/public/k/05/sol05272632.html?ref=rss
*** Security Advisory: F5 Path MTU Discovery vulnerability CVE-2015-7759 ***
---------------------------------------------
https://support.f5.com:443/kb/en-us/solutions/public/k/22/sol22843911.html?ref=rss
More information about the Daily
mailing list