[CERT-daily] Tageszusammenfassung - Freitag 9-06-2017

Fri Jun 9 18:06:10 CEST 2017

=======================
= End-of-Shift report =
=======================

Timeframe:   Donnerstag 08-06-2017 18:00 − Freitag 09-06-2017 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a


*** Is WannaCry Really Ransomware? ***
---------------------------------------------
This post summarizes the significant efforts of a McAfee threat research team that has been relentless in its efforts to gain a deeper understanding of the WannaCry ransomware. We would like to specifically acknowledge Christiaan Beek, Lynda ..
---------------------------------------------
https://securingtomorrow.mcafee.com/executive-perspectives/wannacry-really-ransomware/


*** Phishing Leveraging the Sucuri Brand ***
---------------------------------------------
We are always on guard for phishing emails and websites that might try to compromise our customers or employees, so that we can be on top of the issue and warn as many people as possible. Targeted ..
---------------------------------------------
https://blog.sucuri.net/2017/06/phishing-leveraging-sucuri-brand.html


*** Windows 10 Creators Update provides next-gen ransomware protection ***
---------------------------------------------
Multiple high-profile incidents have demonstrated that ransomware can have catastrophic effects on all of us. From personally losing access to your own digital property, to being ..
---------------------------------------------
https://blogs.technet.microsoft.com/mmpc/2017/06/08/windows-10-creators-update-hardens-security-with-next-gen-defense/


*** Mouse Over, Macro: Spam Run in Europe Uses Hover Action to Deliver Banking Trojan ***
---------------------------------------------
We found another unique method being used to deliver malware—abusing the action that happens when simply hovering the mouse’s pointer over a hyperlinked picture or text in a PowerPoint ..
---------------------------------------------
http://blog.trendmicro.com/trendlabs-security-intelligence/mouseover-otlard-gootkit/


*** Hacker stehlen "Cyberpunk 2077"-Daten und erpressen Hersteller CD Projekt ***
---------------------------------------------
"The Wicher 3"-Entwickler gab Diebstahl in einer Stellungnahme bekannt
---------------------------------------------
http://derstandard.at/2000059016376


*** In eigener Sache: Umstellung auf wöchentliches Wartungsfenster ***
---------------------------------------------
Um die Administration zu erleichtern, werden wir ab 22. 6. 2017 auf ein wöchentliches Wartungsfenster umstellen: dieses wird jeweils am Donnerstag von 19-22h sein. Falls also ..
---------------------------------------------
http://www.cert.at/services/blog/20170609114214-2029.html


*** Android-Trojaner Dvmap kompromittiert Systeme wie kein anderer ***
---------------------------------------------
Sicherheitsforscher warnen vor einem Schädling in Google Play, der Android-Geräte mit bisher unbekannten Methoden komplett in seine Gewalt bringen kann.
---------------------------------------------
https://heise.de/-3739451


*** Steirische WK richtet Hotline für Firmen gegen Cyberangriffe ein ***
---------------------------------------------
Pilotversuch startet in der Steiermark – Mehr als jedes fünfte Unternehmen bereits Opfer von Angriffen aus dem Netz
---------------------------------------------
http://derstandard.at/2000059028695


*** SSA-023589 (Last Update 2017-06-09): SMBv1 Vulnerabilities in Advanced Therapy Products from Siemens Healthineers ***
---------------------------------------------
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-023589.pdf


*** Microsoft: OpenBSD kommt für die Azure-Cloud ***
---------------------------------------------
Das Unix-Betriebssystem OpenBSD gilt als besonders sicher und stabil. Microsoft erkennt dessen Potential und macht es für Azure verfügbar. Dazu kooperiert das Unternehmen mit ..
---------------------------------------------
https://www.golem.de/news/microsoft-openbsd-kommt-fuer-die-azure-cloud-1706-128295.html


*** DomainTools 101: DNS Shadow Hack-Attacked ***
---------------------------------------------
In this article we will dive into the attack vector known as domain shadowing, and how it can land an ..
---------------------------------------------
https://blog.domaintools.com/2017/06/domaintools-101-dns-shadow-hack-attacked/