[CERT-daily] Daily summary - Monday 22-05-2017
Daily end-of-shift report
team at cert.at
Mon May 22 18:16:28 CEST 2017
=======================
= End-of-Shift report =
=======================
Timeframe: Friday 19-05-2017 18:00 − Monday 22-05-2017 18:00
Handler: Alexander Riepl
Co-Handler: Stephan Richter
*** Terror Exploit Kit Evolves Into Larger Threat ***
---------------------------------------------
The Terror exploit kit has matured into a greater threat and carefully crafts attacks based on a user's browser environment.
---------------------------------------------
http://threatpost.com/terror-exploit-kit-evolves-into-larger-threat/125816/
*** DSA-3859 dropbear - security update ***
---------------------------------------------
https://www.debian.org/security/2017/dsa-3859
*** DSA-3858 openjdk-7 - security update ***
---------------------------------------------
Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in privilege escalation, denial of service, newline injection in SMTP or use of insecure cryptography.
---------------------------------------------
https://www.debian.org/security/2017/dsa-3858
*** WannaCry: Almost only Windows 7 PCs infected ***
---------------------------------------------
According to figures from Kaspersky Lab, more than 98 percent of all PCs infected with WannaCry run Windows 7.
---------------------------------------------
https://heise.de/-3719145
*** North Korea apparently maintains special unit for cyberattacks on banks ***
---------------------------------------------
Is allegedly meant mainly to procure foreign currency
---------------------------------------------
http://derstandard.at/2000058034871
*** Netgear fixes router by adding phone-home features that record your IP and MAC address ***
---------------------------------------------
Yeah, that'll be secure for sure. Netgear NightHawk R7000 users who ran last week's firmware upgrade need to check their settings, because the company added a remote data collection feature to the units.
---------------------------------------------
www.theregister.co.uk/2017/05/21/netgear_updates_router_with_phone_home_feature/
*** "Athena": Powerful CIA tool cracks all Windows versions since XP ***
---------------------------------------------
Wikileaks publishes documents - Extensive surveillance capabilities, malware can also delete data
---------------------------------------------
http://derstandard.at/2000058071298
*** IT threat evolution Q1 2017. Statistics ***
---------------------------------------------
According to KSN data, Kaspersky Lab solutions detected and repelled 479,528,279 malicious attacks from online resources located in 190 countries all over the world. File antivirus detected a total of 174,989,956 unique malicious and potentially unwanted objects.
---------------------------------------------
http://securelist.com/analysis/quarterly-malware-reports/78475/it-threat-evolution-q1-2017-statistics/
*** Operation "Porto": 159 dealers identified on the darknet ***
---------------------------------------------
Investigations against 697 people - 35 kg of narcotics and 4,500 tablets seized
---------------------------------------------
http://derstandard.at/2000058084813
*** Beware, rip-off: Microsoft warns again of fraudulent calls ***
---------------------------------------------
With supposed support calls from companies such as Microsoft or Dell, fraudsters try to rip off PC owners. Despite some successes by investigators, the problem remains virulent.
---------------------------------------------
https://heise.de/-3720168
*** The Problem with OCSP Stapling and Must Staple and why Certificate Revocation is still broken ***
---------------------------------------------
Today the OCSP servers from Let's Encrypt were offline for a while. This has caused far more trouble than it should have, because in theory we have all the technologies available to handle such an incident. However due to failures in how they are implemented they don't really work.
---------------------------------------------
https://blog.hboeck.de/archives/886-The-Problem-with-OCSP-Stapling-and-Must-Staple-and-why-Certificate-Revocation-is-still-broken.html
*** What the data protection regulation brings: class actions, data protection officers ***
---------------------------------------------
From May 2018, users will be able to enforce their rights more easily, says IT lawyer Lukas Feiler
---------------------------------------------
http://derstandard.at/2000058102109
*** Yahoo throws ImageMagick out of its own webmail code after security vulnerability ***
---------------------------------------------
The vulnerability allowed attackers to read memory contents of the Yahoo servers and thus spy on other users' e-mail attachments. Yahoo closed the hole within a self-imposed 90-day deadline.
---------------------------------------------
https://heise.de/-3720803