[CERT-daily] Daily summary - 28.02.2018
Daily end-of-shift report
team at cert.at
Wed Feb 28 18:06:11 CET 2018
=====================
= End-of-Day report =
=====================
Timeframe: Tuesday 27-02-2018 18:00 − Wednesday 28-02-2018 18:00
Handler: Nina Bieringer
Co-Handler: Alexander Riepl
=====================
= News =
=====================
∗∗∗ Free Decrypter Available for GandCrab Ransomware Victims ∗∗∗
---------------------------------------------
Bitdefender has released a free decrypter that helps victims of GandCrab ransomware infections recover files without paying the ransom.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/free-decrypter-available-for-gandcrab-ransomware-victims/
∗∗∗ Dissecting Hancitor’s Latest 2018 Packer ∗∗∗
---------------------------------------------
https://researchcenter.paloaltonetworks.com/2018/02/unit42-dissecting-hancitors-latest-2018-packer/
∗∗∗ Security network operating system: Fortinet presents FortiOS 6.0 ∗∗∗
---------------------------------------------
At its in-house event Accelerate 18, Fortinet presented version 6.0 of its security network operating system FortiOS. The update comprises more than 200 updates.
---------------------------------------------
https://www.heise.de/meldung/Sicherheits-Netzbetriebssystem-Fortinet-praesentiert-FortiOS-6-0-3976594.html
∗∗∗ Electra: First comprehensive jailbreak for iOS 11 released ∗∗∗
---------------------------------------------
A new jailbreak is said to bring the alternative app store Cydia to iOS 11 for the first time. It uses an exploit by a Google security researcher, which however only works in older versions of the operating system.
---------------------------------------------
https://www.heise.de/meldung/Electra-Erster-umfassender-Jailbreak-fuer-iOS-11-erschienen-3982765.html
∗∗∗ Who Wasn’t Responsible for Olympic Destroyer? ∗∗∗
---------------------------------------------
This blog post is authored by Paul Rascagneres and Martin Lee. Summary: Absent contributions from traditional intelligence capacities, the available evidence linking the Olympic Destroyer malware to a specific threat actor group is contradictory, and does not allow for unambiguous attribution. The threat actor responsible for the attack has purposefully included ..
---------------------------------------------
http://feedproxy.google.com/~r/feedburner/Talos/~3/VvKIOSM9n5Y/who-wasnt-responsible-for-olympic.html
∗∗∗ First true native IPv6 DDoS attack spotted in wild ∗∗∗
---------------------------------------------
https://www.scmagazineuk.com/news/first-true-native-ipv6-ddos-attack-spotted-in-wild/article/747217/
=====================
= Vulnerabilities =
=====================
∗∗∗ Emerson ControlWave Micro Process Automation Controller ∗∗∗
---------------------------------------------
This advisory includes mitigation recommendations for a stack-based buffer overflow vulnerability in the Emerson ControlWave Micro Process Automation Controller.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-18-058-03
∗∗∗ Delta Electronics WPLSoft ∗∗∗
---------------------------------------------
This advisory contains mitigation details for stack-based buffer overflow, heap-based buffer overflow, out-of-bounds write vulnerabilities in the Delta Electronics WPLSoft PLC programming software.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-18-058-02
∗∗∗ Medtronic 2090 Carelink Programmer Vulnerabilities ∗∗∗
---------------------------------------------
This medical device advisory contains mitigation details for vulnerabilities in Medtronic’s 2090 CareLink Programmer and its accompanying software deployment network.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-01
∗∗∗ Philips Intellispace Portal ISP Vulnerabilities ∗∗∗
---------------------------------------------
This medical device advisory contains mitigation details for vulnerabilities in the Philips’ IntelliSpace Portal (ISP), an advanced visualization and image analysis system.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02
∗∗∗ Siemens SIMATIC Industrial PCs ∗∗∗
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-18-058-01
∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects IBM InfoSphere Information Server ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22013543
∗∗∗ IBM Security Bulletin: A vulnerability in Struts affects IBM InfoSphere Metadata Workbench ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22013436
∗∗∗ Insecure Direct Object Reference in TestLink Open Source Test Management ∗∗∗
---------------------------------------------
https://www.sec-consult.com/en/blog/advisories/insecure-direct-object-reference-in-testlink-open-source-test-management/index.html
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily