[CERT-daily] Tageszusammenfassung - Freitag 2-06-2017

Daily end-of-shift report team at cert.at
Fri Jun 2 18:07:55 CEST 2017


=======================
= End-of-Shift report =
=======================

Timeframe:   Donnerstag 01-06-2017 18:00 − Freitag 02-06-2017 18:00
Handler:     Stephan Richter
Co-Handler:  Alexander Riepl


*** Phoenix Broadband Technologies LLC PowerAgent SC3 Site Controller ***
---------------------------------------------
This advisory contains mitigation details for a use of hard-coded password vulnerability in the Phoenix Broadband Technologies LLC PowerAgent SC3 Site Controller.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-17-152-01




*** Passwords at the Border ***
---------------------------------------------
The password-manager 1Password has just implemented a travel mode that tries to protect users while crossing borders. It doesnt make much sense. To enable it, you have to create a list of passwords you feel safe traveling with, and then you can turn on the mode ..
---------------------------------------------
https://www.schneier.com/blog/archives/2017/06/passwords_at_th.html




*** Financial malware more than twice as prevalent as ransomware ***
---------------------------------------------
Three Trojans dominated the financial threat landscape in 2016 and attackers increased their focus on corporate ..
---------------------------------------------
https://www.symantec.com/connect/blogs/financial-malware-more-twice-prevalent-ransomware




*** CIA Malware Can Switch Clean Files With Malware When You Download Them via SMB ***
---------------------------------------------
After taking last week off, WikiLeaks came back today and released documentation on another ..
---------------------------------------------
https://www.bleepingcomputer.com/news/security/cia-malware-can-switch-clean-files-with-malware-when-you-download-them-via-smb/




*** DSA-3872 nss - security update ***
---------------------------------------------
Several vulnerabilities were discovered in NSS, a set of cryptographic libraries, which may result in denial of service or information disclosure.
---------------------------------------------
https://www.debian.org/security/2017/dsa-3872




*** DSA-3871 zookeeper - security update ***
---------------------------------------------
It was discovered that Zookeeper, a service for maintaining configuration information, didn't restrict access to the computationally expensive wchp/wchc commands which could result in denial of service by elevated CPU consumption.
---------------------------------------------
https://www.debian.org/security/2017/dsa-3871




*** Riverbed SteelHead VCX 9.6.0a Arbitrary File Read ***
---------------------------------------------
https://cxsecurity.com/issue/WLB-2017060017




*** Weak DevOps cryptographic policies increase financial services cyber risk ***
---------------------------------------------
Cryptographic security risks are amplified in DevOps settings, where compromises in development or test environments can spread to production systems and applications. This is a particular issue for financial services organizations, which have ..
---------------------------------------------
https://www.helpnetsecurity.com/2017/06/02/weak-devops-cryptographic-policies/




*** Phishing Campaigns Follow Trends ***
---------------------------------------------
https://isc.sans.edu/diary.html?storyid=22482




*** WannaCry and Vulnerabilities ***
---------------------------------------------
There is plenty of blame to go around for the WannaCry ransomware that spread throughout the Internet earlier this month, disrupting work at hospitals, factories, businesses, and universities. First, there are the writers of the malicious software, which ..
---------------------------------------------
https://www.schneier.com/blog/archives/2017/06/wannacry_and_vu.html




*** Hadoop Servers Expose Over 5 Petabytes of Data ***
---------------------------------------------
Improperly configured HDFS-based servers, mostly Hadoop installs, are exposing over five petabytes of information, according to John Matherly, founder of Shodan, a ..
---------------------------------------------
https://www.bleepingcomputer.com/news/security/hadoop-servers-expose-over-5-petabytes-of-data/




*** IBM Security Bulletin: Vulnerability in Samba affects IBM Netezza Host Management ***
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22003112




*** Check-Point-Bericht: Gefährliche Backdoor in jedem zehnten deutschen Unternehmensnetz ***
---------------------------------------------
Die Fireball getaufte Adware ist mit über 250 Millionen Installationen nicht nur sehr verbreitet, sondern auch sehr gefährlich: Laut Check Point kann sie beliebigen Code auf dem System ausführen und so auch Malware nachladen.
---------------------------------------------
https://heise.de/-3732893


More information about the Daily mailing list