[CERT-daily] Tageszusammenfassung - 09.07.2018

Mon Jul 9 18:04:58 CEST 2018

=====================
= End-of-Day report =
=====================

Timeframe:   Freitag 06-07-2018 18:00 − Montag 09-07-2018 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a

=====================
=       News        =
=====================

∗∗∗ Hacker stehlen 2300 Liter Benzin von Tankstelle ∗∗∗
---------------------------------------------
Eine Zapfsäule einer Tankstelle in den USA wurde so manipuliert, dass sie kostenlos Sprit ausgab.
---------------------------------------------
https://futurezone.at/digital-life/hacker-stehlen-2300-liter-benzin-von-tankstelle/400063340


∗∗∗ In cryptoland, trust can be costly ∗∗∗
---------------------------------------------
While the legal status of cryptocurrencies and laws to regulate them continue to be hammered out, scammers are busy exploiting the digital gold rush. Besides hacking cryptocurrency exchanges, exploiting smart-contract ..
---------------------------------------------
https://securelist.com/in-cryptoland-trust-can-be-costly/86367/


∗∗∗ PROPagate Code Injection Seen in the Wild ∗∗∗
---------------------------------------------
Last year, researchers wrote about a new Windows code injection technique called PROPagate. Last week, it was first seen in malware:This technique abuses the SetWindowsSubclass function -- a process used to install or update subclass windows running on the system -- and can be used to modify the properties of windows running in the same ..
---------------------------------------------
https://www.schneier.com/blog/archives/2018/07/propagate_code_.html


∗∗∗ Stolen D-Link Certificate Used to Digitally Sign Spying Malware ∗∗∗
---------------------------------------------
Digitally signed malware has become much more common in recent years to mask malicious intentions. Security researchers have discovered a new malware campaign misusing stolen valid digital certificates from ..
---------------------------------------------
https://thehackernews.com/2018/07/digital-certificate-malware.html


∗∗∗ Domain Factory confirms January 2018 data breach ∗∗∗
---------------------------------------------
German name n hosting outfit tells customers told to reset passwords after hacker taunts German hosting company Domainfactory has taken down its forums after someone posted messages alleging to have compromised the compa ..
---------------------------------------------
www.theregister.co.uk/2018/07/09/domainfactory_in_germany_confirms_brdata_breach/


∗∗∗ The Worst Cybersecurity Breaches of 2018 So Far ∗∗∗
---------------------------------------------
There havent been as many hacks and attacks compared to this time last year, but thats where the good news ends.
---------------------------------------------
https://www.wired.com/story/2018-worst-hacks-so-far


∗∗∗ Jetzt patchen! Exploit-Code für extrem kritische Lücke in HPE iLO4 öffentlich ∗∗∗
---------------------------------------------
Sendet ein Angreifer eine cURL-Anfrage mit „AAAAAAAAAAAAAAAAAAAAAAAAAAAAA“ an verwundbare HP-Proliant-Server, könnte er diese übernehmen.
---------------------------------------------
http://heise.de/-4104590


∗∗∗ iTunes und iCloud für Windows: Update dringend angeraten ∗∗∗
---------------------------------------------
Die jüngsten Versionen von Apples Medienabpieler und der Cloud-Unterstützung für den PC beheben problematische Sicherheitslücken.
---------------------------------------------
http://heise.de/-4104663


=====================
=  Vulnerabilities  =
=====================

∗∗∗ VMSA-2018-0016 ∗∗∗
---------------------------------------------
VMware ESXi, Workstation, and Fusion updates address multiple out-of-bounds read vulnerabilities
---------------------------------------------
https://www.vmware.com/security/advisories/VMSA-2018-0016.html


∗∗∗ VMSA-2018-0011.1 ∗∗∗
---------------------------------------------
Unauthenticated Command Injection vulnerability in VMware NSX SD-WAN by VeloCloud
---------------------------------------------
https://www.vmware.com/security/advisories/VMSA-2018-0011.html


∗∗∗ Security updates for Monday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (bouncycastle and ca-certificates), Fedora (cantata, cinnamon, php-symfony3, and transifex-client), openSUSE (ghostscript, openssl, openvpn, php7, rubygem-yard, thunderbird, ucode-intel, and unzip), and SUSE (libqt4, nodejs8, and openslp).
---------------------------------------------
https://lwn.net/Articles/759361/


∗∗∗ VLC: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit Benutzerrechten ∗∗∗
---------------------------------------------
https://www.bsi-fuer-buerger.de/SharedDocs/Warnmeldungen/DE/TW/2018/07/warnmeldung_tw-t18-0092.html

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily