[CERT-daily] Tageszusammenfassung - 15.05.2018

Daily end-of-shift report team at cert.at
Tue May 15 19:03:40 CEST 2018


=====================
= End-of-Day report =
=====================

Timeframe:   Montag 14-05-2018 18:00 − Dienstag 15-05-2018 18:00
Handler:     Stephan Richter
Co-Handler:  n/a

=====================
=       News        =
=====================

∗∗∗ Containers are here. What about container security? ∗∗∗
---------------------------------------------
The industry is gaga for container technologies like Docker and for good reason. According to ESG research, containers make up about 19 percent of hybrid cloud production workloads today, but in just two years’ time, containers will make up one-third of hybrid cloud production workloads. (Note: I am an ESG employee.) Container security issuesNot surprisingly, cybersecurity professionals say rapid growth and proliferation of application containers have led to several security issues:35
---------------------------------------------
https://www.csoonline.com/article/3273347/security/containers-are-here-what-about-container-security.html


∗∗∗ IDG Contributor Network: Fact vs. fiction: 6 myths about container security ∗∗∗
---------------------------------------------
DevOps, containers and microservices are eating software development just as software is eating the world. But with the explosive growth of these technologies and methodologies, it’s becoming increasingly difficult to separate fact from fiction. This is particularly the case when talking container security. In this article, we take a look specifically at the myths surrounding container security [...]
---------------------------------------------
https://www.csoonline.com/article/3272830/containers/fact-vs-fiction-6-myths-about-container-security.html


∗∗∗ Code-Injection: Sicherheitslücke in Signals Desktop-Client ∗∗∗
---------------------------------------------
Eine Code-Injection-Lücke in Signals Desktop-Client ermöglicht es, aus der Ferne JavaScript auszuführen. Ein Update für die Electron-App steht bereit. (Signal, Sicherheitslücke)
---------------------------------------------
https://www.golem.de/news/code-injection-sicherheitsluecke-in-signals-desktop-client-1805-134397.html


∗∗∗ Warnung vor CryptoCode ∗∗∗
---------------------------------------------
Konsument/innen erhalten eine E-Mail von Bitcoin Austria. Bei dem Schreiben handelt es sich um Werbung für CryptoCode. Ein Link in der Nachricht führt auf cryptocode.online. Auf der Plattform sollen Besucher/innen Geld einzahlen, damit sie jeden Tag "$15.000" verdienen können. Das einbezahlte Geld ist verloren, denn eine Gewinnausschüttung gibt es nicht.
---------------------------------------------
https://www.watchlist-internet.at/news/warnung-vor-cryptocode/


∗∗∗ NIS Update ∗∗∗
---------------------------------------------
Am 9. Mai hätte Österreich die NIS-Direktive umgesetzt haben sollen. Das haben wir verpasst. Wir haben noch immer kein NIS-Gesetz, und leider auch noch keinen Entwurf dazu in Begutachtung. Aber: ein Teil der NIS-Thematik (Anbieter digitaler Dienste) fällt unter die Vollharmonisierung und wird daher direkt aus Brüssel heraus gültig. Die entsprechende Verordnung wurde im Jänner veröffentlicht und ist seit 10. Mai in Kraft. Will man wissen, [...]
---------------------------------------------
http://www.cert.at/services/blog/20180515161108-2242.html



=====================
=  Vulnerabilities  =
=====================

∗∗∗ SSA-914382 (Last Update: 2018-05-15): Denial-of-Service Vulnerability in SIMATIC S7-400 ∗∗∗
---------------------------------------------
SIMATIC S7-400 CPUs are affected by a security vulnerability which could lead to a Denial-of-Service condition of the PLC if specially crafted packets are received and processed.The affected SIMATIC S7-400 CPU hardware versions are in the product cancellation phase or already phased-out. Siemens recommends customers either upgrading to a new version or implementing specific countermeasures.
---------------------------------------------
https://cert-portal.siemens.com/productcert/pdf/ssa-914382.pdf


∗∗∗ VMSA-2018-0011 ∗∗∗
---------------------------------------------
Unauthenticated Command Injection vulnerability in VMware NSX SD-WAN by VeloCloud
---------------------------------------------
https://www.vmware.com/security/advisories/VMSA-2018-0011.html


∗∗∗ Security updates for Tuesday ∗∗∗
---------------------------------------------
Security updates have been issued by Arch Linux (firefox, llpp, and webkit2gtk), Debian (kwallet-pam), Fedora (kernel and pam-kwallet), Gentoo (mpv), Oracle (389-ds-base, firefox, libvirt, and qemu-kvm), and Ubuntu (php5 and php5, php7.0, php7.1, php7.2).
---------------------------------------------
https://lwn.net/Articles/754495/


∗∗∗ BlackBerry powered by Android Security Bulletin - May 2018 ∗∗∗
---------------------------------------------
http://support.blackberry.com/kb/articleDetail?language=en_US&articleNumber=000048838


∗∗∗ Red Hat JBoss Enterprise Application Platform: Mehrere Schwachstellen ermöglichen u.a. die Ausführung beliebigen Programmcodes ∗∗∗
---------------------------------------------
https://adv-archiv.dfn-cert.de/adv/2018-0922/


∗∗∗ IBM Security Bulletin: API Connect Developer Portal is affected by a Drupal vulnerability (CVE-2018-7602) ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22015829


∗∗∗ IBM Security Bulletin: A vulnerability has been identified in IBM Spectrum Scale with CES stack enabled that could allow sensitive data to be included with service snaps. This data could be sent to IBM during service engagements (CVE-2018-1512) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ssg1S1012325


∗∗∗ IBM Security Bulletin: A vulnerability affects the IBM FlashSystem model V840 ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ssg1S1012281


∗∗∗ IBM Security Bulletin: A vulnerability affects the IBM FlashSystem models 840 and 900 ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1012280


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities affect the IBM FlashSystem model V840 ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1012283


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities affect the IBM FlashSystem models 840 and 900 ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1012282


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1012263


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects IBM InfoSphere Information Server ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22015254


∗∗∗ IBM Security Bulletin: IBM Data Risk Manager has released VM v2.0.1 in response to the vulnerability known as Spectre. ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22013157


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Rational Application Developer for WebSphere Software ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22016207


∗∗∗ Linux kernel vulnerability CVE-2018-8897 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K17403481

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily




More information about the Daily mailing list