[CERT-daily] Tageszusammenfassung - Donnerstag 18-05-2017

Thu May 18 18:07:37 CEST 2017

=======================
= End-of-Shift report =
=======================

Timeframe:   Mittwoch 17-05-2017 18:00 − Donnerstag 18-05-2017 18:00
Handler:     Stephan Richter
Co-Handler:  Alexander Riepl


*** Bootstrap - Critical - Information Disclosure - SA-CONTRIB-2017-048 ***
---------------------------------------------
This theme enables you to bridge the gap between the Bootstrap Framework and Drupal. The theme does not sufficiently exclude the submitted password value when an incorrect value ..
---------------------------------------------
https://www.drupal.org/node/2879177


*** 4022345 - Identifying and correcting failure of Windows Update client to receive updates - Version: 1.3 ***
---------------------------------------------
Microsoft is releasing this security advisory to provide information related to an uncommon deployment scenario in which the Windows Update Client may not properly scan for, or download, updates. This scenario may affect customers who installed ..
---------------------------------------------
https://technet.microsoft.com/en-us/library/security/4022345


*** iPrint Appliance 2.0 Patch 5 ***
---------------------------------------------
iPrint Appliance 2.0 Patch 5 includes bug fixes, security fixes and a consolidation of previously released patches and hot patches for the iPrint Appliance 2.0.
---------------------------------------------
https://download.novell.com/Download?buildid=nKiTte1j9yM~


*** iPrint Appliance 2.1 Patch 3 ***
---------------------------------------------
iPrint Appliance 2.1 Patch 3 is a cumulative patch including fixes from all the previous 2.1 patches and hot fixes.
---------------------------------------------
https://download.novell.com/Download?buildid=4QmSWkUlwrA~


*** Indicators Associated With WannaCry Ransomware (Update B) ***
---------------------------------------------
This updated alert is a follow-up to the updated alert titled ICS-ALERT-17-135-01A Indicators Associated With WannaCry Ransomware that was published May 16, 2017, on the NCCIC/ICS-CERT web site.
---------------------------------------------
https://ics-cert.us-cert.gov/alerts/ICS-ALERT-17-135-01B


*** My Little CVE Bot ***
---------------------------------------------
The massive spread of the WannaCry ransomware last Friday was another good proof that many organisations still fail to patch their systems. Everybody admits that patching is a boring task. They are many constraints that make this process very difficult to implement ..
---------------------------------------------
https://isc.sans.edu/diary.html?storyid=22432


*** Handbrake-Trojaner: Quellcode des Mac-Entwicklerstudios Panic entwendet ***
---------------------------------------------
Die auf Mac-Nutzer abzielene Malware “Proton” hat ein erstes prominentes Opfer gefordert: Unbekannte klauten den Quelltext zu mehreren Apps des Entwicklerstudios Panic. Kundendaten sind nicht betroffen, betont das Unternehmen.
---------------------------------------------
https://heise.de/-3716479


*** Why the most successful Retefe spam campaign never paid off ***
---------------------------------------------
Switzerland is one of the main targets of the Retefe banking trojan since its first appearance in November 2013. At ..
---------------------------------------------
https://securityblog.switch.ch/2017/05/18/why-the-most-successful-retefe-spam-campaign-never-paid-off/


*** SSB-412479 (Last Update 2017-05-17): Customer Information on WannaCry Malware for Siemens Healthineers Imaging and Diagnostics Products ***
---------------------------------------------
https://www.siemens.com/cert/pool/cert/siemens_security_bulletin_ssb-412479.pdf


*** [2017-05-18] Multiple critical vulnerabilities in Western Digital TV Media Player ***
---------------------------------------------
Multiple critical vulnerabilities, such as unauthenticated arbitrary file upload or local file inclusion, within the WDTV Media Player devices allow an attacker to take over the device over the network.
---------------------------------------------
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20170518-0_WDTV_Media_Player_Multiple_critical_vulnerabilities_v10.txt


*** Security Alert: BlueDoom Worm Caught Spreading through EternalBlue, Integrates Batch of Leaked NSA Exploits ***
---------------------------------------------
Unfortunately for users who haven’t patched their systems yet after the WannaCry ransomware campaign, there has been an increase in attempts to abuse the EternalBlue exploit in the past few ..
---------------------------------------------
https://heimdalsecurity.com/blog/bluedoom-worm-eternablue-nsa-exploits/


*** ATM Black Box attacks: 27 arrested all over Europe ***
---------------------------------------------
The efforts of a number of EU Member States and Norway, supported by Europol’s European Cybercrime Centre (EC3) and the Joint Cybercrime Action Taskforce (J-CAT), culminated in the arrest of 27 individuals linked with so-called ATM Black Box attacks across ..
---------------------------------------------
https://www.helpnetsecurity.com/2017/05/18/black-box-attacks/


*** 22 Cisco Security Advisories 2017-05-17 ***
---------------------------------------------
1 Critical, 3 High, 18 Medium
---------------------------------------------
https://tools.cisco.com/security/center/publicationListing.x