[CERT-daily] Tageszusammenfassung - 27.07.2018

Daily end-of-shift report team at cert.at
Fri Jul 27 18:10:38 CEST 2018 

=====================
= End-of-Day report =
=====================

Timeframe:   Donnerstag 26-07-2018 18:00 − Freitag 27-07-2018 18:00
Handler:     Robert Waldner
Co-Handler:  Alexander Riepl


=====================
=       News        =
=====================


∗∗∗ Häftlinge erhacken sich Guthaben im Wert von 225.000 Dollar ∗∗∗
---------------------------------------------
Durch Austricksen eines Tablet-Systems haben sich US-Häftlinge Guthaben für Digitalkonsum verschafft.
---------------------------------------------
https://futurezone.at/digital-life/haeftlinge-erhacken-sich-guthaben-im-wert-von-225000-dollar/400073708


∗∗∗ NetSpectre liest RAM via Netzwerk aus ∗∗∗
---------------------------------------------
NetSpectre greift ohne ausführbaren Schadcode an – zwar fließen nur wenige Bytes pro Stunde, aber ungeschützte Server und Storage-Systeme sind angreifbar.
---------------------------------------------
http://heise.de/-4121831


∗∗∗ State Govts. Warned of Malware-Laden CD Sent Via Snail Mail from China ∗∗∗
---------------------------------------------
Heres a timely reminder that email isnt the only vector for phishing attacks: Several U.S. state and local government agencies have reported receiving strange letters via snail mail that include malware-laden compact discs (CDs) apparently sent from China, KrebsOnSecurity has learned. This particular ruse, while crude and simplistic, preys on the curiosity ..
---------------------------------------------
https://krebsonsecurity.com/2018/07/state-govts-warned-of-malware-laden-cd-sent-via-snail-mail-from-china/


=====================
=  Vulnerabilities  =
=====================


∗∗∗ Bugtraq: [CORE-2018-0009] - SoftNAS Cloud OS Command Injection ∗∗∗
---------------------------------------------
http://www.securityfocus.com/archive/1/542187


∗∗∗ Vuln: Apache Kafka CVE-2017-12610 User Impersonation Vulnerability ∗∗∗
---------------------------------------------
http://www.securityfocus.com/bid/104899

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

More information about the Daily mailing list