[CERT-daily] Daily summary - 10.08.2018
Daily end-of-shift report
team at cert.at
Fri Aug 10 18:12:48 CEST 2018
=====================
= End-of-Day report =
=====================
Timeframe: Thursday 09-08-2018 18:00 − Friday 10-08-2018 18:00
Handler: Robert Waldner
Co-Handler: Stephan Richter
=====================
= News =
=====================
∗∗∗ New Macs can be hacked on first contact with Wi-Fi ∗∗∗
---------------------------------------------
Apple's enterprise customers are affected. The vulnerability was presented at the Black Hat conference.
---------------------------------------------
https://futurezone.at/digital-life/neue-macs-koennen-beim-ersten-kontakt-mit-wlan-gehackt-werden/400086368
∗∗∗ The 10 Best Practices for Identifying and Mitigating Phishing ∗∗∗
---------------------------------------------
Phishing (a form of social engineering) is escalating in both frequency and sophistication; consequently, it is even more challenging to defend against cyber-related attacks. These days, any industry, any workplace, any work role can be targeted by a phishing scam that is spreading beyond simple malicious email attachments and link manipulation techniques (i.e., phishers may [...]
---------------------------------------------
https://resources.infosecinstitute.com/the-10-best-practices-for-identifying-and-mitigating-phishing/
∗∗∗ Practical Web Cache Poisoning ∗∗∗
---------------------------------------------
Web cache poisoning has long been an elusive vulnerability, a theoretical threat used mostly to scare developers into obediently patching issues that nobody could actually exploit. In this paper I'll show you how to compromise websites by using esoteric web features to turn their caches into exploit delivery systems, targeting everyone that makes the mistake of visiting their homepage.
---------------------------------------------
https://portswigger.net/blog/practical-web-cache-poisoning
∗∗∗ VIA C3: "God Mode" security vulnerability discovered in processors ∗∗∗
---------------------------------------------
An IT expert has tracked down a serious bug in old CPUs from VIA Technologies and has also programmed a countermeasure right away.
---------------------------------------------
http://heise.de/-4133425
∗∗∗ Vulnerabilities in mPOS devices could lead to fraud and theft ∗∗∗
---------------------------------------------
Vulnerabilities in mPOS (mobile point-of-sale) machines could allow malicious merchants to defraud customers and attackers to steal payment card data, Positive Technologies researchers have found. The use of mPOS devices has seen huge growth over the last few years as the barriers to entry to be provided a device and start accepting card payments are effectively zero.
---------------------------------------------
https://www.helpnetsecurity.com/2018/08/10/mpos-vulnerabilities/
∗∗∗ Do not shop at shop-and-smile.com ∗∗∗
---------------------------------------------
On shop-and-smile.com, consumers find electronics. The products offered are used, not new. This is not obvious during a purchase. Contrary to other statements, payment for the goods is only possible in advance. Watchlist Internet advises against purchasing from shop-and-smile.com.
---------------------------------------------
https://www.watchlist-internet.at/news/nicht-bei-shop-and-smilecom-einkaufen/
=====================
= Vulnerabilities =
=====================
∗∗∗ Crestron TSW-X60 and MC3 ∗∗∗
---------------------------------------------
This advisory includes mitigation recommendations for OS command injection, improper access control, and insufficiently protected credentials vulnerabilities in Crestron's TSW-X60 and MC3 devices.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-18-221-01
∗∗∗ NetComm Wireless 4G LTE Light Industrial M2M Router ∗∗∗
---------------------------------------------
This advisory includes mitigation recommendations for information exposure, cross-site forgery, cross-site scripting, and information exposure through directory listing vulnerabilities in NetComm Wireless 4G LTE Light Industrial M2M Router.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-18-221-02
∗∗∗ PostgreSQL 10.5, 9.6.10, 9.5.14, 9.4.19, 9.3.24, and 11 Beta 3 Released! ∗∗∗
---------------------------------------------
Two security vulnerabilities have been closed by this release: CVE-2018-10915: Certain host connection parameters defeat client-side security defenses; CVE-2018-10925: Memory disclosure and missing authorization in INSERT ... ON CONFLICT DO UPDATE
---------------------------------------------
https://www.postgresql.org/about/news/1878/
∗∗∗ Security updates for Friday ∗∗∗
---------------------------------------------
Security updates have been issued by Fedora (exiv2, kernel-headers, kernel-tools, libgit2, and thunderbird-enigmail), openSUSE (blueman, cups, gdk-pixbuf, libcdio, libraw, libsoup, libtirpc, mysql-community-server, python-mitmproxy, sssd, and virtualbox), Red Hat (cobbler), SUSE (ceph, firefox, NetworkManager-vpnc, openssh, and wireshark), and Ubuntu (openjdk-7 and openjdk-8).
---------------------------------------------
https://lwn.net/Articles/762337/
∗∗∗ wpa_supplicant: A vulnerability enables a denial-of-service attack ∗∗∗
---------------------------------------------
https://adv-archiv.dfn-cert.de/adv/2018-1564/
∗∗∗ Red Hat Certification: Multiple vulnerabilities enable, among other things, the execution of arbitrary program code ∗∗∗
---------------------------------------------
https://adv-archiv.dfn-cert.de/adv/2018-1571/
∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect ITCAM for SOA ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ibm10720235
∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Rational ClearQuest ∗∗∗
---------------------------------------------
https://www-01.ibm.com/support/docview.wss?uid=ibm10718367
∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Rational ClearCase (CVE-2018-2633, CVE-2018-2603, CVE-2018-2579, CVE-2018-2602, CVE-2018-2794, & CVE-2018-2783) ∗∗∗
---------------------------------------------
https://www-01.ibm.com/support/docview.wss?uid=ibm10717207
∗∗∗ IBM Security Bulletin: A security vulnerability in OpenSSL affects IBM Rational ClearQuest (CVE-2018-0739) ∗∗∗
---------------------------------------------
https://www-01.ibm.com/support/docview.wss?uid=ibm10718373
∗∗∗ IBM Security Bulletin: Vulnerabilities in OpenSSL affect IBM Rational ClearCase (CVE-2018-0739) ∗∗∗
---------------------------------------------
https://www-01.ibm.com/support/docview.wss?uid=ibm10717211
∗∗∗ IBM Security Bulletin: Security Bulletin: IBM Data Server Driver for JDBC and SQLJ is affected by a 3RD PARTY Unsafe deserialization ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22012479
∗∗∗ IBM Security Bulletin: A security vulnerability in IBM Rational ClearQuest with SSL/TLS communications (CVE-2016-2922) ∗∗∗
---------------------------------------------
https://www-01.ibm.com/support/docview.wss?uid=ibm10718377
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily