[CERT-daily] Tageszusammenfassung - 10.11.2017

Fri Nov 10 18:22:51 CET 2017

=====================
= End-of-Day report =
=====================

Timeframe:   Donnerstag 09-11-2017 18:00 − Freitag 10-11-2017 18:00
Handler:     Nina Bieringer
Co-Handler:  Olaf Schwarz

=====================
=       News        =
=====================

∗∗∗ "Eavesdropper" Vulnerability Exposes Millions of Private Conversations ∗∗∗
---------------------------------------------
Security researchers have discovered that tens of developers have left API credentials in hundreds of applications built around the Twilio service.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/-eavesdropper-vulnerability-exposes-millions-of-private-conversations/


∗∗∗ Google Ranks Phishing Above Keyloggers & Password Reuse as Bigger Threat to Users ∗∗∗
---------------------------------------------
Research carried out by Google engineers and academics from the University of California, Berkeley and the International Computer Science Institute has revealed that phishing attacks pose a more significant threat to users losing access to their Google accounts when compared to keyloggers or password reuse.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/google-ranks-phishing-above-keyloggers-and-password-reuse-as-bigger-threat-to-users/


∗∗∗ First Android Malware Detected Using New "Toast Overlay" Attack ∗∗∗
---------------------------------------------
A theoretical attack described by security researchers at the start of September has been integrated into a live malware distribution campaign for the first time.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/first-android-malware-detected-using-new-toast-overlay-attack/


∗∗∗ Ordinypt: Erpressungstrojaner bedroht deutsche Firmen ∗∗∗
---------------------------------------------
Allem Anschein nach geht in Deutschland ein neuer Trojaner um, der auf Personalabteilungen zielt und Lösegeld erpresst. Der in Delphi verfasste Trojaner lässt Opfern allerdings keine Chance, ihre Daten wiederzubekommen.
---------------------------------------------
https://heise.de/-3887249


∗∗∗ Achtung: Abzocker-Version des Windows Movie Maker ist Nummer Eins bei Google ∗∗∗
---------------------------------------------
Eine gefälschte Version des nicht mehr von Microsoft angebotenen Windows Movie Maker verführt Opfer zum Download und bittet sie dann zur Kasse. Die Betrüger-Webseite hat es sogar ganz vorne in die Ergebnisse vieler Suchmaschinen geschafft.
---------------------------------------------
https://heise.de/-3887323


=====================
=  Vulnerabilities  =
=====================

∗∗∗ Upcoming Security Updates for Adobe Reader and Acrobat (APSB17-36) ∗∗∗
---------------------------------------------
A prenotification Security Advisory has been posted regarding upcoming Adobe Reader and Acrobat updates scheduled for Tuesday, November 14, 2017.
---------------------------------------------
https://blogs.adobe.com/psirt/?p=1508


∗∗∗ AutomationDirect CLICK, C-More, C-More Micro, GS Drives, and SL-Soft SOLO ∗∗∗
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-17-313-01


∗∗∗ Schneider Electric InduSoft Web Studio and InTouch Machine Edition ∗∗∗
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-17-313-02


∗∗∗ iOS 11.1.1 ∗∗∗
---------------------------------------------
https://support.apple.com/kb/HT208255


∗∗∗ DFN-CERT-2017-1998/">PostgreSQL: Mehrere Schwachstellen ermöglichen u.a. die Manipulation von Dateien ∗∗∗
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2017-1998/


∗∗∗ DFN-CERT-2017-1995/">GitLab: Mehrere Schwachstellen ermöglichen das Ausspähen von Informationen ∗∗∗
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2017-1995/


∗∗∗ IBM Security Bulletin: IBM Content Classification is affected by a Open Source Commons FileUpload Apache Vulnerabilities ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22010229


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM QRadar Network Security Manager component of IBM Security SiteProtector System ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22007568


∗∗∗ SSA-901333 (Last Update 2017-11-09): KRACK Attacks Vulnerabilities in Industrial Products ∗∗∗
---------------------------------------------
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-901333.pdf


∗∗∗ VMSA-2017-0017 ∗∗∗
---------------------------------------------
https://www.vmware.com/security/advisories/VMSA-2017-0017.html


∗∗∗ VMSA-2017-0016 ∗∗∗
---------------------------------------------
https://www.vmware.com/security/advisories/VMSA-2017-0016.html

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily