[CERT-daily] Tageszusammenfassung - 21.11.2017

Tue Nov 21 18:03:43 CET 2017

=====================
= End-of-Day report =
=====================

Timeframe:   Montag 20-11-2017 18:00 − Dienstag 21-11-2017 18:00
Handler:     Nina Bieringer
Co-Handler:  Robert Waldner

=====================
=       News        =
=====================

∗∗∗ SSL Certificate Provider StartCom Shuts Down After Browser Ban ∗∗∗
---------------------------------------------
Certificate Authority (CA) StartCom announced last week, on Friday, its intention to cease operations by 2018, and completely shut down its certificate infrastructure by ..
---------------------------------------------
https://www.bleepingcomputer.com/news/security/ssl-certificate-provider-startcom-shuts-down-after-browser-ban/


∗∗∗ Factsheet Building a SOC: start small ∗∗∗
---------------------------------------------
An increasingly common way to achieve visibility and control of information security is to implement a Security Operations Centre (SOC). In order for a SOC to function successfully, it must be tied in with the business processes. This makes building a SOC ..
---------------------------------------------
https://www.ncsc.nl/english/current-topics/factsheets/factsheet-building-a-soc-start-small.html


∗∗∗ The Art of Fuzzing – Slides and Demos ∗∗∗
---------------------------------------------
Over the last weeks I presented talks on the topic of fuzzing at conferences such as DefCamp, Heise Dev Sec, IT-SeCX and BSides Vienna. As promised, I make my slides and demos available to the public with this blog post .
---------------------------------------------
https://www.sec-consult.com/en/blog/2017/11/the-art-of-fuzzing-slides-and-demos/index.html


∗∗∗ Kritische Sicherheitslücke: Traffic von F5 BIG-IP-Appliances lässt sich entschlüsseln ∗∗∗
---------------------------------------------
Firewalls, Load-Balancer und andere BIG-IP-Systeme sind anfällig für einen Angriff, bei dem dritte den verschlüsselten SSL-Traffic zwischen Client und Appliance abhören können. Admins, die solche Systeme im Einsatz haben ..
---------------------------------------------
https://heise.de/-3895060


∗∗∗ Intel stopft neue Sicherheitslücken der Management Engine (SA-00086) ∗∗∗
---------------------------------------------
Intels Security Advisory SA-00086 beschreibt mehrere Fehler in der Firmware der Management Engine (ME 11.0 bis 11.7), in Trusted Execution Engine 3.0 und in den Server Platform Services (SPS 4.0).
---------------------------------------------
https://heise.de/-3895175


∗∗∗ OSX.Proton spreading through fake Symantec blog ∗∗∗
---------------------------------------------
A new variant of the OSX.Proton malware is being promoted via a fake Symantec blog site.
---------------------------------------------
https://blog.malwarebytes.com/threat-analysis/mac-threat-analysis/2017/11/osx-proton-spreading-through-fake-symantec-blog/


∗∗∗ Schwerwiegende Sicherheitsprobleme in Systemen mit aktuellen Intel-Prozessoren ∗∗∗
---------------------------------------------
Schwerwiegende Sicherheitsprobleme in Systemen mit aktuellen Intel-Prozessoren 21. November 2017 Beschreibung Wie Intel meldet (INTEL-SA-00086), gibt es aktuell mehrere Schwachstellen in Systemen mit ..
---------------------------------------------
http://www.cert.at/warnings/all/20171121.html


=====================
=  Vulnerabilities  =
=====================

∗∗∗ Security Advisory 2017-07: Security Update for OTRS Framework ∗∗∗
---------------------------------------------
Please read carefully and check if the version of your OTRS system is affected by this vulnerability. Please send information regarding vulnerabilities ..
---------------------------------------------
https://www.otrs.com/security-advisory-2017-07-security-update-otrs-framework/


∗∗∗ Samba: Use-after-free vulnerability ∗∗∗
---------------------------------------------
All versions of Samba from 4.0.0 onwards are vulnerable to a use after free vulnerability, where a malicious SMB1 request can be used to control the contents of heap memory via a deallocated heap pointer. It is possible this may be used to compromise the SMB server.
---------------------------------------------
https://www.samba.org/samba/security/CVE-2017-14746.html


∗∗∗ Samba: Server heap memory information leak ∗∗∗
---------------------------------------------
All versions of Samba from 3.6.0 onwards are vulnerable to a heap memory information leak, where server allocated heap memory may be returned to the client without being cleared.
---------------------------------------------
https://www.samba.org/samba/security/CVE-2017-15275.html


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect WebSphere Cast Iron ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22009696


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Collaboration and Deployment Services ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22010685

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily