[CERT-daily] Daily summary - Tuesday 2-05-2017

Daily end-of-shift report team at cert.at
Tue May 2 18:05:44 CEST 2017


=======================
= End-of-Shift report =
=======================

Timeframe:   Friday 28-04-2017 18:00 − Tuesday 02-05-2017 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a


*** Exploiting .NET Managed DCOM ***
---------------------------------------------
Posted by James Forshaw, Project Zero. One of the more interesting classes of security vulnerabilities are those affecting interoperability technology. This is because these vulnerabilities typically affect any application using the technology, regardless of what the application actually does. Also in many cases they’re difficult ..
---------------------------------------------
http://googleprojectzero.blogspot.com/2017/04/exploiting-net-managed-dcom.html




*** 2017 Verizon DBIR: Sex Sells, But the Basics Get It Done ***
---------------------------------------------
This year’s Verizon Data Breach Investigations Report has been published, and as with its prior nine incarnations, the report is ..
---------------------------------------------
https://www.beyondtrust.com/blog/2017-verizon-dbir-sex-sells-basics-get-done/




*** DSA-3838 ghostscript - security update ***
---------------------------------------------
Several vulnerabilities were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which may lead to the execution of arbitrary code or denial of service if a specially crafted Postscript file is processed.
---------------------------------------------
https://www.debian.org/security/2017/dsa-3838




*** 7 Reasons Why IoT Hacks Will Keep Happening ***
---------------------------------------------
Hacks happen almost on a daily basis, if not every minute of every day. In fact, some say that ..
---------------------------------------------
https://safeandsavvy.f-secure.com/2017/04/28/7-reasons-why-iot-device-hacks-will-keep-happening/




*** DSA-3839 freetype - security update ***
---------------------------------------------
Several vulnerabilities were discovered in Freetype. Opening malformed fonts may result in denial of service or the execution of arbitrary code.
---------------------------------------------
https://www.debian.org/security/2017/dsa-3839




*** Researchers pull off car hack for 20 euros ***
---------------------------------------------
Cheap gadgets copy the key's unlock signal – many cars still affected
---------------------------------------------
http://derstandard.at/2000056487404




*** Orange is the new Black: Hackers leak season 5 ***
---------------------------------------------
According to the hackers, this is only a foretaste. They threaten to release further films and series that are not officially due out for months.
---------------------------------------------
https://futurezone.at/digital-life/orange-is-the-new-black-hacker-leaken-staffel-5/261.279.707




*** "Dok": New Mac malware spies on browsers ***
---------------------------------------------
Can eavesdrop on all browser communication – currently targeting mainly European users
---------------------------------------------
http://derstandard.at/2000056812916




*** Carbanak Continues To Evolve: Quietly Creeping into Remote Hosts ***
---------------------------------------------
Introduction: I recently engaged in an investigation involving two new Carbanak campaigns targeting the hospitality ..
---------------------------------------------
https://www.trustwave.com/Resources/SpiderLabs-Blog/Carbanak-Continues-To-Evolve--Quietly-Creeping-into-Remote-Hosts/




*** Intel's remote AMT vulnerability ***
---------------------------------------------
Intel just announced a vulnerability in their Active Management Technology stack. Here's what we know so far. Background: Intel chipsets for some years have included a Management Engine, a small microprocessor that runs independently of the main CPU and operating ..
---------------------------------------------
http://mjg59.dreamwidth.org/48429.html




*** IBM Warns Customers That Some of Its USB Flash Drives May Contain Malware ***
---------------------------------------------
IBM issued a security alert last week, warning customers that some USB flash drives shipped with IBM Storwize products may contain malicious code.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/ibm-warns-customers-that-some-of-its-usb-flash-drives-may-contain-malware/




*** Security updates: Jenkins vulnerable in multiple ways ***
---------------------------------------------
Under certain conditions, attackers could obtain elevated privileges or even execute malicious code.
---------------------------------------------
https://heise.de/-3700838




*** Spam and phishing in Q1 2017 ***
---------------------------------------------
Although the beginning of Q1 2017 was marked by a decline in the amount of spam in overall global email traffic, in March the situation became more stable, and the average share of ..
---------------------------------------------
http://securelist.com/analysis/quarterly-spam-reports/78221/spam-and-phishing-in-q1-2017/




*** Cerber Version 6 Shows How Far the Ransomware Has Come (and How Far it’ll Go) ***
---------------------------------------------
Cerber set itself apart from other file-encrypting malware when its developers commoditized the malware, adopting a business model where fellow cybercriminals can buy the ransomware as a service. The developers earn through commissions—as much as 40%—for every ..
---------------------------------------------
http://blog.trendmicro.com/trendlabs-security-intelligence/cerber-ransomware-evolution/




*** New Shodan Tool Can Find Malware Command and Control (C&C) Servers ***
---------------------------------------------
Shodan and Recorded Future today launched a search engine for discovering malware command-and-control (C&C) servers. Named Malware Hunter, this new tool is integrated into ..
---------------------------------------------
https://www.bleepingcomputer.com/news/security/new-shodan-tool-can-find-malware-command-and-control-candc-servers/




*** Security Scoring and Grading for Containers and Images ***
---------------------------------------------
We have just rolled out an update to the interface of the Red Hat Container Catalog that helps provide the answer to the question of whether or not a particular container image we provide ..
---------------------------------------------
https://access.redhat.com/blogs/product-security/posts/container-security-scoring




*** Citrix XenServer Multiple Security Updates ***
---------------------------------------------
A number of security issues have been identified within Citrix XenServer. These issues could, if exploited, allow a malicious ..
---------------------------------------------
https://support.citrix.com/article/CTX223291

