[CERT-daily] Tageszusammenfassung - 09.01.2018
Daily end-of-shift report
team at cert.at
Tue Jan 9 18:07:35 CET 2018
=====================
= End-of-Day report =
=====================
Timeframe: Montag 08-01-2018 18:00 − Dienstag 09-01-2018 18:00
Handler: Robert Waldner
Co-Handler: n/a
=====================
= News =
=====================
∗∗∗ VirusTotal Graph ∗∗∗
---------------------------------------------
[...] It is a visualization tool built on top of VirusTotals data set. It understands the relationship between files, URLs, domains and IP addresses and it provides an easy interface to pivot and navigate over them.
---------------------------------------------
http://blog.virustotal.com/2018/01/virustotal-graph.html
∗∗∗ Bitcoin- und Litecoin-Klau bei Electrum, Electron Cash und Electrum-LTC möglich ∗∗∗
---------------------------------------------
Eine von außen ausnutzbare Sicherheitslücke gefährdet Nutzer der Wallet-Programme Electrum (Bitcoin), Electron Cash (Bitcoin Cash) und Electrum-LTC (Litecoin). Angreifer könnten den Anwender deanonymisieren und im Extremfall das Guthaben stehlen.
---------------------------------------------
https://heise.de/-3936813
∗∗∗ Amazon-Händler/innen erhalten Phishingmails ∗∗∗
---------------------------------------------
Kriminelle versenden gefälschte Amazon Seller Center-Nachrichten. Darin fordern sie Händler/innen dazu auf, eine Website aufzurufen und ihre persönlichen Daten zu aktualisieren. Verkäufer/innen, die das tun, übermitteln ihr Passwort an Betrüger/innen. Dadurch können diese auf das fremde Shop-Konto zugreifen und es für Verbrechen nutzen.
---------------------------------------------
https://www.watchlist-internet.at/phishing/amazon-haendlerinnen-erhalten-phishingmails/
=====================
= Vulnerabilities =
=====================
∗∗∗ Security updates available for Adobe Flash Player (APSB18-01) ∗∗∗
---------------------------------------------
A Security Bulletin (APSB18-01) has been published regarding security updates for Adobe Flash Player. These updates address an important out-of-bounds read vulnerability that could lead to information disclosure, and Adobe recommends users update their product installations to the latest versions
---------------------------------------------
https://blogs.adobe.com/psirt/?p=1517
∗∗∗ DSA-4081 php5 - security update ∗∗∗
---------------------------------------------
Several vulnerabilities were found in PHP, a widely-used open sourcegeneral purpose scripting language:
---------------------------------------------
https://www.debian.org/security/2018/dsa-4081
∗∗∗ DSA-4080 php7.0 - security update ∗∗∗
---------------------------------------------
Several vulnerabilities were found in PHP, a widely-used open sourcegeneral purpose scripting language:
---------------------------------------------
https://www.debian.org/security/2018/dsa-4080
∗∗∗ First Kotlin-Developed Malicious App Signs Users Up for Premium SMS Services ∗∗∗
---------------------------------------------
We spotted a malicious app (detected by Trend Micro as ANDROIDOS_BKOTKLIND.HRX) that appears to be the first developed using Kotlin—an open-source programming language for modern multiplatform applications. The samples we found on Google Play posed as Swift Cleaner, a utility tool that cleans and optimizes Android devices. The malicious app, which has 1,000-5,000 installs as of writing, is capable of remote command execution, information theft, SMS sending, URL forwarding, and click ad
---------------------------------------------
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/COv5LfcpYs8/
∗∗∗ Apple Releases Multiple Security Updates ∗∗∗
---------------------------------------------
Original release date: January 08, 2018 Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit these vulnerabilities to obtain access to sensitive information.NCCIC/US-CERT encourages users and administrators to review Apple security pages for the following products and apply the necessary updates:macOS High Sierra 10.13.2OS X El Capitan 10.11.6 and macOS Sierra 10.12.6iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
---------------------------------------------
https://www.us-cert.gov/ncas/current-activity/2018/01/08/Apple-Releases-Multiple-Security-Updates
∗∗∗ Patch gegen Spectre: Aktualisierte Nvidia-Grafiktreiber für GeForce und Quadro, Tesla-Treiber später ∗∗∗
---------------------------------------------
Nutzer von Nvidia-Grafikkarten sollten die neuen Grafiktreiber schnellstmöglich installieren. Sie enthalten Patches, die die Anfälligkeit für erfolgreiche Spectre-Attacken senken.
---------------------------------------------
https://heise.de/-3937247
∗∗∗ SAP Security Patch Day - January 2018 ∗∗∗
---------------------------------------------
This post by SAP Product Security Response Team shares information on Patch Day Security Notes* that are released on second Tuesday of every month and fix vulnerabilities discovered in SAP products. SAP strongly recommends that
---------------------------------------------
https://blogs.sap.com/2018/01/09/sap-security-patch-day-january-2018/
∗∗∗ Security updates for Tuesday ∗∗∗
---------------------------------------------
Security updates have been issued by Arch Linux (graphicsmagick and linux-lts), CentOS (thunderbird), Debian (kernel, opencv, php5, and php7.0), Fedora (electrum), Gentoo (libXfont), openSUSE (gimp, java-1_7_0-openjdk, and libvorbis), Oracle (thunderbird), Slackware (irssi), SUSE (kernel, kernel-firmware, and kvm), and Ubuntu (awstats, nvidia-graphics-drivers-384, python-pysaml2, and tomcat7, tomcat8).
---------------------------------------------
https://lwn.net/Articles/743700/rss
∗∗∗ IBM Security Bulletin: Information disclosure in Liberty for Java for IBM Bluemix (CVE-2017-1681, CVE-2013-6440) ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22011863
∗∗∗ IBM Security Bulletin: IBM Security Access Manager Appliance is affected by GnuTLS vulnerabilities ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22012330
∗∗∗ IBM Security Bulletin: Vulnerabilities in Apache Tomcat affects the IBM FlashSystem models 840 and 900 ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1011802
∗∗∗ IBM Security Bulletin: Vulnerabilities in Apache Tomcat affects the IBM FlashSystem model V840 ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1011803
∗∗∗ IBM Security Bulletin: Vulnerabilities in IBM SDK Java Technology Edition affects the IBM FlashSystem models 840 and 900 ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1011804
∗∗∗ IBM Security Bulletin: Vulnerabilities in IBM SDK Java Technology Edition affects the IBM FlashSystem model V840 ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1011805
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
More information about the Daily
mailing list