[CERT-daily] Tageszusammenfassung - 28.09.2017
Daily end-of-shift report
team at cert.at
Thu Sep 28 18:11:53 CEST 2017
=====================
= End-of-Day report =
=====================
Timeframe: Mittwoch 27-09-2017 18:00 − Donnerstag 28-09-2017 18:00
Handler: Alexander Riepl
Co-Handler: Stephan Richter
=====================
= News =
=====================
∗∗∗ Threat Landscape for Industrial Automation Systems in H1 2017 ∗∗∗
---------------------------------------------
Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) publishes the results of its research on the threat landscape for industrial automation systems for the first six months of 2017.
---------------------------------------------
http://securelist.com/threat-landscape-for-industrial-automation-systems-in-h1-2017/82660/
∗∗∗ Incident Response Database ∗∗∗
---------------------------------------------
Incidents often require us to rapidly identify which incident response team is responsible for a particular network, corporation or country. FIRST is developing an automated method to access information on Computer Security Incident Response Teams (CSIRT) and other types of incident handling organizations.
---------------------------------------------
https://www.first.org/global/irt-database
∗∗∗ Illusion Gap – Antivirus Bypass Part 1 ∗∗∗
---------------------------------------------
Imagine a situation where you double-click a file and Windows loads that file, but your Antivirus scans another file or even scans nothing at all. Sounds weird, right? Depends on who you ask; [...]
---------------------------------------------
https://www.cyberark.com/threat-research-blog/illusion-gap-antivirus-bypass-part-1/
=====================
= Vulnerabilities =
=====================
∗∗∗ DFN-CERT-2017-1706: Cisco IOS, Cisco IOS XE: Mehrere Schwachstellen ermöglichen u.a. das Erlangen von Administratorrechten ∗∗∗
---------------------------------------------
Mehrere Schwachstellen in Cisco IOS und IOS XE, ermöglichen einem entfernten, nicht authentisierten Angreifer das Umgehen von Sicherheitsvorkehrungen, was in einem Fall dazu führen kann, dass der Angreifer die vollständige Kontrolle über ein System erlangen kann, das Ausspähen von Informationen sowie die Durchführung verschiedener Denial-of-Service (DoS)-Angriffe. Ein entfernter, einfach authentisierter Angreifer kann [...]
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2017-1706/
∗∗∗ ZDI-17-829: Trend Micro OfficeScan tmwfp Memory Corruption Privilege Escalation Vulnerability ∗∗∗
---------------------------------------------
http://www.zerodayinitiative.com/advisories/ZDI-17-829/
∗∗∗ ZDI-17-828: Trend Micro OfficeScan tmwfp Memory Corruption Privilege Escalation Vulnerability ∗∗∗
---------------------------------------------
http://www.zerodayinitiative.com/advisories/ZDI-17-828/
∗∗∗ IBM Security Bulletin: Smart Cloud Entry is affected by ISC BIND vulnerabilities ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=isg3T1025663
∗∗∗ IBM Security Bulletin: Open Source GNU glibc Vulnerabilities which is used by IBM OS Images for RedHat Linux in IBM PureApplication Systems (CVE-2017-1000366) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22008527
∗∗∗ IBM Security Bulletin: Multiple Mozilla Firefox vulnerability issues in IBM Storwize V7000 Unified ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ssg1S1010641
∗∗∗ IBM Security Bulletin: Open Source Samba Samba Vulnerabilities which is used by IBM OS Images for RedHat Linux in IBM PureApplication Systems (CVE-2017-7494) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22007631
∗∗∗ IBM Security Bulletin: Cross-site Scripting vulnerabilities affect Rational Engineering Lifecycle Manager ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22008785
∗∗∗ IBM Security Bulletin: IBM Insights Foundation for Energy has vulnerabilites to SQL injection and cross-site scripting ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22009039
∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Integration Designer ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22008391
∗∗∗ IBM Security Bulletin: Vulnerability CVE-2017-3511 in IBM Java SDK affects IBM Process Designer used in IBM Business Process Manager ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22008324
∗∗∗ IBM Security Bulletin: IBM WebSphere Cast Iron Solution is affected by an OpenSSL vulnerability (CVE-2017-3731) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22008918
∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Planning Analytics Local ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22008584
∗∗∗ SSA-856721 (Last Update 2017-09-28): Vulnerability in Ruggedcom Discovery Protocol (RCDP) of Industrial Communication Devices ∗∗∗
---------------------------------------------
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-856721.pdf
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
More information about the Daily
mailing list