[CERT-daily] Daily summary - Wednesday 11-05-2016

Daily end-of-shift report team at cert.at
Wed May 11 18:13:31 CEST 2016


=======================
= End-of-Shift report =
=======================

Timeframe:   Tuesday 10-05-2016 18:00 − Wednesday 11-05-2016 18:00
Handler:     Stephan Richter
Co-Handler:  Alexander Riepl



*** Security Advisory posted for Adobe Flash Player (APSA16-02) ***
---------------------------------------------
A Security Advisory (APSA16-02) has been published regarding a critical vulnerability (CVE-2016-4117) in Adobe Flash Player. Adobe is aware of a report that an exploit ..
---------------------------------------------
https://blogs.adobe.com/psirt/?p=1346




*** Security Updates for Adobe Acrobat and Reader and Hotfixes for ColdFusion Available ***
---------------------------------------------
Security Bulletins for Adobe Acrobat and Reader (APSB16-14) as well as ColdFusion (APSB16-16) have been published. Adobe recommends users update their product installations to the latest versions using the instructions in the relevant security ..
---------------------------------------------
https://blogs.adobe.com/psirt/?p=1350




*** IBM Security Bulletin: The Elastic Storage Server and the GPFS Storage Server are affected by vulnerabilities in IBM Spectrum Scale (CVE-2016-0263, CVE-2016-0361) ***
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=isg3T1023767




*** MS16-MAY - Microsoft Security Bulletin Summary for May 2016 - Version: 1.0 ***
---------------------------------------------
https://technet.microsoft.com/en-us/library/security/MS16-MAY




*** May 2016 security update release ***
---------------------------------------------
Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month's security ..
---------------------------------------------
https://blogs.technet.microsoft.com/msrc/2016/05/10/may-2016-security-update-release/




*** 5 security experts share their best tips for 'fringe' devices ***
---------------------------------------------
What is a 'fringe' device in IT? For some, it's a gadget everyone has forgotten about - a printer in a corner office, an Android tablet in a public area used to schedule conference rooms. A fringe device can also be one that's common enough to be used ..
---------------------------------------------
http://www.cio.com/article/3068406/security/5-security-experts-share-their-best-tips-for-fringe-devices.html




*** Panasonic FPWIN Pro Vulnerabilities ***
---------------------------------------------
This advisory contains mitigation details concerning buffer overflow vulnerabilities in Panasonic FPWIN Pro software.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-16-131-01




*** DSA-3574 libarchive - security update ***
---------------------------------------------
Rock Stevens, Andrew Ruef and Marcin Icewall Noga discovered a heap-based buffer overflow vulnerability in the zip_read_mac_metadata function in libarchive, a multi-format archive and compression library, which may ..
---------------------------------------------
https://www.debian.org/security/2016/dsa-3574




*** It's time to get serious about ICS cybersecurity ***
---------------------------------------------
As recently reported by The Register, a proof-of-concept PLC worm could spell disaster for the critical infrastructure by making attacks exponentially more difficult to detect and stop. Unfortunately, the proof of concept of a PLC worm is a viable scenario which could cause immeasurable ..
---------------------------------------------
https://www.helpnetsecurity.com/2016/05/11/time-get-serious-ics-cybersecurity/




*** Patch day: Microsoft closes zero-day hole in Internet Explorer ***
---------------------------------------------
As every month, the message for Windows users in May is once again: install the patches quickly! This time it is especially urgent, because one hole closed on this patch day was already being actively abused for attacks before it was disclosed.
---------------------------------------------
http://heise.de/-3202816




*** Multiple JVC HDRs and Net Cameras - Multiple Vulnerabilities ***
---------------------------------------------
https://cxsecurity.com/issue/WLB-2016050040




*** The Art of Searching for Open Source Intelligence ***
---------------------------------------------
The Internet is a big ocean, and it carries loads of information you might be interested in or looking for, but where and how to find that information? Thanks to search engines like Google that make the searches using a query possible, ..
---------------------------------------------
http://resources.infosecinstitute.com/the-art-of-searching-for-open-source-intelligence/




*** CryptXXX 2.0 foils decryption tool, locks PCs ***
---------------------------------------------
CryptXXX ransomware, first spotted in mid-April, has reached version 2.0, and a new level of nastiness. It's also on its way to become one of the top ransomware families in the wild. The malware's first version would encrypt files but leave ..
---------------------------------------------
https://www.helpnetsecurity.com/2016/05/11/cryptxxx-2-0-foils-decryption/




*** Adobe takes its time with patch for exploited hole ***
---------------------------------------------
Adobe is taking more time with the security update for Flash Player than users need to uninstall the software.
---------------------------------------------
http://www.golem.de/news/kritische-flash-luecke-adobe-laesst-sich-zeit-mit-patch-fuer-ausgenutzte-luecke-1605-120841.html




*** Background: Dridex analyzed ***
---------------------------------------------
A short series of articles shows how to take a botnet client apart with the debugger.
---------------------------------------------
http://heise.de/-3204362




*** TA16-132A: Exploitation of SAP Business Applications ***
---------------------------------------------
Original release date: May 11, 2016. Systems Affected: Outdated or misconfigured SAP systems. Overview: At least 36 organizations worldwide are affected by an SAP vulnerability [1]. Security researchers from Onapsis discovered ..
---------------------------------------------
https://www.us-cert.gov/ncas/alerts/TA16-132A




*** Updated factsheets security of ICS/SCADA systems ***
---------------------------------------------
Malicious persons and security researchers show interest in the (lack of) security of industrial control systems. This relates not only to 'traditional' ICS/SCADA systems, but also to building management systems (incl. HVAC and CCTV).
---------------------------------------------
https://www.ncsc.nl/english/current-topics/news/updated-factsheets-security-of-ics-scada-systems.html




*** IBM Security Bulletin: Multiple vulnerabilities in Samba affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance ***
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg2C1000130




*** IBM Security Bulletin: IBM Emptoris Sourcing is affected by open redirect vulnerability (CVE-2016-0329). ***
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg21982629




*** IBM Security Bulletin: Multiple vulnerabilities in Libxml2 affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance ***
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg2C1000110


