[CERT-daily] Tageszusammenfassung - 07.11.2017

Daily end-of-shift report team at cert.at
Tue Nov 7 18:11:05 CET 2017


=====================
= End-of-Day report =
=====================

Timeframe:   Montag 06-11-2017 18:00 − Dienstag 07-11-2017 18:00
Handler:     Robert Waldner
Co-Handler:  Alexander Riepl

=====================
=       News        =
=====================

∗∗∗ Security: Malware mit legitimen Zertifikaten weit verbreitet ∗∗∗
---------------------------------------------
Aktuelle Forschungen werfen erneut ein schlechtes Licht auf den Umgang mit Zertifikaten. Fast 200 Malware-Proben sind mit legitimen digitalen Unterschriften ausgestattet gewesen. Damit kann die Schadsoftware Prüfungen durch Sicherheitssoftware bestehen. (Security, Virus)
---------------------------------------------
https://www.golem.de/news/security-malware-mit-legitimen-zertifikaten-weit-verbreitet-1711-130997-rss.html


∗∗∗ NCSC publishes factsheet Post-quantum cryptography ∗∗∗
---------------------------------------------
The emergence of quantum computers can have major implications for organizations that process sensitive information. Using a future quantum computer, one can decrypt data that is encrypted with popular cryptographic algorithms. The consequences are, however, even more serious. Encrypted data may already be intercepted, awaiting the possibility to decrypt the data with a future quantum computer.
---------------------------------------------
https://www.ncsc.nl/english/current-topics/news/ncsc-publishes-factsheet-post-quantum-cryptography.html


∗∗∗ The Apple iOS 11 Privacy and Security Settings You Should Check ∗∗∗
---------------------------------------------
Heads up, iPhone owners. iOS 11 comes with a batch of security features that merit your attention.
---------------------------------------------
https://www.wired.com/story/ios-11-privacy-security-settings


∗∗∗ Warnung vor gefälschter Bank Austria-Sicherheits-App ∗∗∗
---------------------------------------------
In einer gefälschten Bank Austria-Nachricht fordern Kriminelle Empfänger/innen dazu auf, dass sie eine Sicherheits-App installieren. Die Installation der Anwendung sei erforderlich, damit Kund/innen weiterhin das OnlineBanking ihrer Bank nützen können. In Wahrheit ist die Sicherheits-App Schadsoftware. Sie hilft den Betrüger/innen dabei, das Geld ihrer Opfer zu stehlen.
---------------------------------------------
https://www.watchlist-internet.at/phishing/warnung-vor-gefaelschter-bank-austria-sicherheits-app/



=====================
=  Vulnerabilities  =
=====================

∗∗∗ Oh Brother: Hackers can crash your unpatched printers – researchers ∗∗∗
---------------------------------------------
DoSsing for fun and profit not just a nuisance, they warn Security researchers have said theyve uncovered a new way for hackers to crash Brother printers.…
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2017/11/07/brother_printers_crash_vuln/


∗∗∗ DFN-CERT-2017-1975/">Chrome OS: Mehrere Schwachstellen ermöglichen u.a. die komplette Kompromittierung betroffener Systeme ∗∗∗
---------------------------------------------
Betroffene Software: Chrome OS < 62.0.3202.74
Betroffene Plattformen: Chrome OS
Lösung: Patch; Chrome Stable Channel Update for Chrome OS, 27.10.2017
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2017-1975/


∗∗∗ DFN-CERT-2017-1972/">Google Android Operating System: Mehrere Schwachstellen ermöglichen u.a. die Ausführung beliebigen Programmcodes ∗∗∗
---------------------------------------------
Betroffene Software
* Google Android Operating System < 5.0.2 2017-11-06
* Google Android Operating System < 5.1.1 2017-11-06
* Google Android Operating System < 6.0 2017-11-06
* Google Android Operating System < 6.0.1 2017-11-06
* Google Android Operating System < 7.0 2017-11-06
* Google Android Operating System < 7.1.1 2017-11-06
* Google Android Operating System < 7.1.2 2017-11-06
* Google Android Operating System < 8.0 2017-11-06
* LG Mobile Android < SMR-NOV-2017
* Samsung Mobile Android < SMR-NOV-2017
Betroffene Plattformen
* Google Nexus
* Google Pixel
* Google Android Operating System
* LG Mobile Android
* Samsung Mobile Android
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2017-1972/


∗∗∗ Vulnerabilities in multiple third party TYPO3 CMS extensions ∗∗∗
---------------------------------------------
several vulnerabilities have been found in the following third party TYPO3 extensions:
* "File manager" (ameos_filemanager)
* "T3Blog Extbase" (t3extblog)
* "Recommend page " (pb_recommend_page)
* "Formhandler" (formhandler)
* "restler" (restler)
* "CAB FAL search" (falsearch)
* "Multishop" (multishop)
---------------------------------------------
http://lists.typo3.org/pipermail/typo3-announce/2017/000413.html


∗∗∗ [20171103] - Core - Information Disclosure ∗∗∗
---------------------------------------------
http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/ZBmazG0EZeU/715-20171103-core-information-disclosure.html


∗∗∗ [20171102] - Core - 2-factor-authentication bypass ∗∗∗
---------------------------------------------
http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/KWysQZRrTWQ/713-20171102-core-2-factor-authentication-bypass.html


∗∗∗ [20171101] - Core - LDAP Information Disclosure ∗∗∗
---------------------------------------------
http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/_Ud0fZdMIyg/714-20171101-core-ldap-information-disclosure.html


∗∗∗ DFN-CERT-2017-1973/">Symantec Endpoint Protection: Mehrere Schwachstellen ermöglichen u.a. die Eskalation von Privilegien ∗∗∗
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2017-1973/


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Composite Application Manager for Transactions (Multiple CVEs) ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22008552


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM® SDK, Java™ Technology Edition affect IBM Virtualization Engine TS7700 – July 2017 ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1010650


∗∗∗ IBM Security Bulletin: A vulnerability in the SQLite component of the Response Time agent affects IBM Performance Management products ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22007610


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Runtime Environments Java Technology Edition, versions 6, 7, & 8 affect Transformation Extender ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22004827


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Workload Scheduler ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22010154


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Runtime Environments Java Technology Edition, versions 6, 7, & 8 affect Transformation Extender ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22008814

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily




More information about the Daily mailing list