[CERT-daily] Tageszusammenfassung - 23.11.2017
Daily end-of-shift report
team at cert.at
Thu Nov 23 18:05:46 CET 2017
=====================
= End-of-Day report =
=====================
Timeframe: Mittwoch 22-11-2017 18:00 − Donnerstag 23-11-2017 18:00
Handler: Nina Bieringer
Co-Handler: Alexander Riepl
=====================
= News =
=====================
∗∗∗ Amazon Key Bug Lets Rogue Deliverymen Re-Enter Homes Without Being Recorded ∗∗∗
---------------------------------------------
A month after Amazon launched Amazon Key, security experts have already identified a flaw in the devices mode of operation that could allow rogue deliverymen to re-enter customer homes without being recorded.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/amazon-key-bug-lets-rogue-deliverymen-re-enter-homes-without-being-recorded/
∗∗∗ Firefox Nightly Build 58: Firefox warnt künftig vor Webseiten mit Datenlecks ∗∗∗
---------------------------------------------
Im Nightly Build 58 testet Mozillaeinige neue Funktionen: So sollen Nutzer bald personalisierte Artikelvorschläge von Pocket bekommen. Außerdem werden Nutzer womöglich bald vor Webseiten gewarnt, die im großen Stil Nutzerdaten verloren haben.
---------------------------------------------
https://www.golem.de/news/firefox-nightly-build-58-firefox-warnt-kuenftig-vor-webseiten-mit-datenlecks-1711-131309.html
∗∗∗ systemd Vulnerability Leads to Denial of Service on Linux ∗∗∗
---------------------------------------------
Many Linux distributions are at risk due to a recently disclosed flaw in systemd: a flaw in its DNS resolver could cause a denial-of-service attack on vulnerable systems. The vulnerability is exploited by having the vulnerable system send a DNS query to a DNS server controlled by the attackers. The DNS server would then return a specially crafted ..
---------------------------------------------
http://blog.trendmicro.com/trendlabs-security-intelligence/systemd-vulnerability-leads-to-denial-of-service-on-linux/
∗∗∗ Advisory: Turla group malware ∗∗∗
---------------------------------------------
This report provides new intelligence derived from NCSC investigations into two tools used by the Turla group to target the UK, known as Neuron and Nautilus.
---------------------------------------------
https://www.ncsc.gov.uk/alerts/turla-group-malware
∗∗∗ Erpressungstrojaner qkG manipuliert Word-Template zur weiteren Verbreitung ∗∗∗
---------------------------------------------
Sicherheitsforscher sind auf eine neue Ransomware gestoßen, die es vorrangig auf Word-Nutzer abgesehen hat.
---------------------------------------------
https://heise.de/-3899132
∗∗∗ Mac-Malware Proton gibt sich als "Symantec Malware Detector" aus ∗∗∗
---------------------------------------------
Getarnt als Malware-Erkennung wurde der Mac-Trojaner über ein vermeintliches Symantec-Blog vertrieben. Eine über soziale Netze verbreitete Falschmeldung soll Nutzer zur Installation bringen.
---------------------------------------------
https://heise.de/-3900056
∗∗∗ Schwerer Bug erlaubt, macOS via USB-Stick zu knacken ∗∗∗
---------------------------------------------
Apple hat Fehler bereits geschlossen – Reparaturwerkzeug als Angriffspunkt
---------------------------------------------
http://derstandard.at/2000068349782
=====================
= Vulnerabilities =
=====================
∗∗∗ FortiWebManager 5.8.0 improperly handles admin login access ∗∗∗
---------------------------------------------
FortiWebManager 5.8.0 fails to check the admin password, granting access regardless the provided string.
---------------------------------------------
http://fortiguard.com/psirt/FG-IR-17-248
∗∗∗ TablePress <= 1.8 - Authenticated XML External Entity (XXE) ∗∗∗
---------------------------------------------
https://wpvulndb.com/vulnerabilities/8963
∗∗∗ IBM Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in sudo. ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099647
∗∗∗ IBM Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in curl ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099663
∗∗∗ IBM Security Bulletin: IBM Flex System FC5022 16Gb SAN Scalable Switch is affected by vulnerabilities in OpenSSH ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099674
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
More information about the Daily
mailing list