[CERT-daily] Tageszusammenfassung - 18.06.2018
Daily end-of-shift report
team at cert.at
Mon Jun 18 18:36:32 CEST 2018
=====================
= End-of-Day report =
=====================
Timeframe: Freitag 15-06-2018 18:00 − Montag 18-06-2018 18:00
Handler: Stephan Richter
Co-Handler: n/a
=====================
= News =
=====================
∗∗∗ macOS Breaks Your OpSec by Caching Data From Encrypted Hard Drives ∗∗∗
---------------------------------------------
Apples macOS surreptitiously creates and caches thumbnails for images and other file types stored on password-protected / encrypted containers (hard drives, partitions), according to Wojciech Reguła and Patrick Wardle, two macOS security experts.
---------------------------------------------
https://www.bleepingcomputer.com/news/apple/macos-breaks-your-opsec-by-caching-data-from-encrypted-hard-drives/
∗∗∗ Rootkit-Based Adware Wreaks Havoc Among Windows 10 Users in the US ∗∗∗
---------------------------------------------
Security researchers from Romania-based antivirus vendor Bitdefender have detailed the operations of an adware strain named Zacinlo that uses a rootkit component to gain persistence across OS reinstalls, a rootkit component thats even effective against Windows 10 installations.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/rootkit-based-adware-wreaks-havoc-among-windows-10-users-in-the-us/
∗∗∗ Vendor Patches Seven Vulnerabilities Across 392 Camera Models ∗∗∗
---------------------------------------------
Axis Communications AB, a Swedish manufacturer of network cameras for physical security and video surveillance, has patched seven security flaws across nearly 400 security camera models.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/vendor-patches-seven-vulnerabilities-across-392-camera-models/
∗∗∗ Betrügerische Pfändungstermine ignorieren ∗∗∗
---------------------------------------------
Kriminelle versenden gefälschte Inkassoschreiben und erklären den Empfänger/innen, dass sie ein Mahnverfahren erwirkt haben und ein Gerichtsvollzieher die vermeintlichen Schuldner/innen besuchen werde. Das könne einzig und allein eine Geldzahlung verhindern. Konsument/innen können die E-Mail ignorieren und müssen keine Geldzahlung leisten.
---------------------------------------------
https://www.watchlist-internet.at/news/betruegerische-pfaendungstermine-ignorieren/
=====================
= Vulnerabilities =
=====================
∗∗∗ Xen Security Advisory CVE-2018-3665 / XSA-267 ∗∗∗
---------------------------------------------
Speculative register leakage from lazy FPU context switching
---------------------------------------------
https://xenbits.xen.org/xsa/advisory-267.html
∗∗∗ MFSBGN03809 rev.1 - Universal CMDB, Deserialization Java Objects and CSRF ∗∗∗
---------------------------------------------
A potential vulnerability has been identified in UCMDB Browser. This vulnerability could be exploited to Deserialization & Cross-site Request forgery (CSRF).
---------------------------------------------
https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03180066
∗∗∗ Security updates for Monday ∗∗∗
---------------------------------------------
Security updates have been issued by CentOS (kernel), Debian (libgcrypt20, redis, and strongswan), Fedora (epiphany, freedink-dfarc, gnupg, LibRaw, nodejs-JSV, nodejs-uri-js, singularity, strongswan, and webkit2gtk3), Mageia (flash-player-plugin, freedink-dfarc, and imagemagick), openSUSE (enigmail, gpg2, java-1_7_0-openjdk, java-1_8_0-openjdk, poppler, postgresql96, python-python-gnupg, and samba), Oracle (kernel), SUSE (gpg2 and xen), and Ubuntu (gnupg and webkit2gtk).
---------------------------------------------
https://lwn.net/Articles/757758/
∗∗∗ BlackBerry powered by Android Security Bulletin – June 2018 ∗∗∗
---------------------------------------------
http://support.blackberry.com/kb/articleDetail?language=en_US&articleNumber=000049462
∗∗∗ FFmpeg: Mehrere Schwachstellen ermöglichen verschiedene Denial-of-Service-Angriffe ∗∗∗
---------------------------------------------
https://adv-archiv.dfn-cert.de/adv/2018-1177/
∗∗∗ IBM Security Bulletin: IBM Flex System FC3171 8Gb SAN Switch and SAN Pass-thru is affected by vulnerability in OpenSLP (CVE-2017-17833) ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099813
∗∗∗ IBM Security Bulletin: Vulnerabilities in OpenSSL Affect Sterling Connect:Direct for HP NonStop (CVE-2018-0739) ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22016399
∗∗∗ IBM Security Bulletin: Vulnerabilities in cURL affect IBM Flex System FC3171 8Gb SAN Switch and SAN Pass-thru (CVE-2017-8816 CVE-2017-8817 CVE-2017-8818) ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099811
∗∗∗ IBM Security Bulletin: Vulnerabilities in OpenSSL affect IBM Flex System FC3171 8Gb SAN Switch and SAN Pass-thru (CVE-2017-3737 CVE-2017-3738) ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099812
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
More information about the Daily
mailing list