[CERT-daily] Tageszusammenfassung - 31.08.2018
Daily end-of-shift report
team at cert.at
Fri Aug 31 18:07:46 CEST 2018
=====================
= End-of-Day report =
=====================
Timeframe: Donnerstag 30-08-2018 18:00 − Freitag 31-08-2018 18:00
Handler: Alexander Riepl
Co-Handler: Stephan Richter
=====================
= News =
=====================
∗∗∗ Firework: Leveraging Microsoft Workspaces in a Penetration Test ∗∗∗
---------------------------------------------
WCX files can be used to configure a Microsoft Workplace on a system with a couple of clicks. The enrollment process could disclose credentials in the form of a NetNTLM hash. Authentication will either take place automatically on older [...]
---------------------------------------------
https://trustwave.com/Resources/SpiderLabs-Blog/Firework--Leveraging-Microsoft-Workspaces-in-a-Penetration-Test/
∗∗∗ BEC fraud burgeoning despite training ∗∗∗
---------------------------------------------
Business email compromises (BEC) - commonly referred to as CEO Fraud because the CEOs identity is being impersonated - continues to grow and, more significantly, succeed due to the simplicity and urgency of the attacks, according to recent study from Barracuda of some 3,000 attacks.
---------------------------------------------
https://www.scmagazine.com/bec-fraud-burgeoning-despite-training/article/792553/
∗∗∗ John McAfees "unhackbares" Bitcoin-Wallet Bitfi gehackt – mehrmals ∗∗∗
---------------------------------------------
Zum wiederholten Male haben Sicherheitsforscher eigentlich geheime Passphrasen aus dem Bitcoin-Wallet Bitfi ausgelesen.
---------------------------------------------
http://heise.de/-4152116
∗∗∗ How We Micropatched a Publicly Dropped 0day in Task Scheduler (CVE-UNKNOWN) ∗∗∗
---------------------------------------------
[...] Earlier this week security researcher SandboxEscaper published details and proof-of-concept (POC) for a "0day" local privilege escalation vulnerability in Windows Task Scheduler service, which allows a local unprivileged user to change permissions of any file on the system - and thus subsequently replace or modify that file. As the researchers POC demonstrates, one can use this vulnerability [...]
---------------------------------------------
https://blog.0patch.com/2018/08/how-we-micropatched-publicly-dropped.html
=====================
= Vulnerabilities =
=====================
∗∗∗ Philips e-Alert Unit ∗∗∗
---------------------------------------------
This advisory includes mitigation recommendations for numerous vulnerabilities in Phillips e-Alert Unit, a non-medical device.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-18-242-01
∗∗∗ Security updates for Friday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (389-ds-base, bind9, and squirrelmail), Fedora (dolphin-emu), openSUSE (libX11), SUSE (cobbler, GraphicsMagick, ImageMagick, liblouis, postgresql10, qemu, and spice), and Ubuntu (libx11).
---------------------------------------------
https://lwn.net/Articles/763906/
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
More information about the Daily
mailing list