[CERT-daily] Tageszusammenfassung - 30.11.2018
Daily end-of-shift report
team at cert.at
Fri Nov 30 18:05:04 CET 2018
=====================
= End-of-Day report =
=====================
Timeframe: Donnerstag 29-11-2018 18:00 − Freitag 30-11-2018 18:00
Handler: Dimitri Robl
Co-Handler: Robert Waldner
=====================
= News =
=====================
∗∗∗ Here are another 45,000 reasons to patch Windows systems against old NSA exploits ∗∗∗
---------------------------------------------
Its 2018 and UPnP is still opening up networks - this time to leaked SMB cyber-weapons Earlier this year, Akamai warned that vulnerabilities in Universal PlugNPlay (UPnP) had been exploited by scumbags to hijack 65,000 home routers. In follow-up research released this week, it revealed little has changed.…
---------------------------------------------
https://www.theregister.co.uk/2018/11/30/akamai_routerwreckers_active/
∗∗∗ Good practices for identifying and assessing cybersecurity interdependencies ∗∗∗
---------------------------------------------
A glance at the interdependency landscape reveals several emerging interdependencies between operators of essential services (OES) and digital service providers (DSP), at both system and service level. Due to these interdependencies, there is an increasing number of cybersecurity incidents that either propagated across organisations (often across borders), or had a cascading effect at the level of essential services.
---------------------------------------------
https://www.enisa.europa.eu/news/enisa-news/good-practices-for-identifying-and-assessing-cybersecurity-interdependencies
∗∗∗ Gezielte Angriffe gegen Firmen mit Trojaner in AutoCAD-Dateien ∗∗∗
---------------------------------------------
Echte CAD-Pläne mit beigefügten Skripten kopieren unbemerkt Firmengeheimnisse, warnen Sicherheitsforscher.
---------------------------------------------
http://heise.de/-4236488
∗∗∗ Hackers in Hot Water. Pwning smart hot tubs, yes really ∗∗∗
---------------------------------------------
We were given a tip by the awesome Ceri Coburn that something was amiss with the Balboa Water App, a mobile app used for controlling >30,000 hot tubs. You can remotely control your tub, so you can heat it up for when you’re ready, saving […]
---------------------------------------------
https://www.pentestpartners.com/security-blog/hackers-in-hot-water-pwning-smart-hot-tubs-yes-really/
=====================
= Vulnerabilities =
=====================
∗∗∗ Critical Zoom Flaw Lets Hackers Hijack Conference Meetings ∗∗∗
---------------------------------------------
Hackers can spoof messages, hijack screen controls and kick others out of meetings.
---------------------------------------------
https://threatpost.com/critical-zoom-flaw-lets-hackers-hijack-conference-meetings/139489/
∗∗∗ GatherContent - Moderately critical - Access bypass - SA-CONTRIB-2018-075 ∗∗∗
---------------------------------------------
Project: GatherContent
Date: 2018-November-28
Security risk: Moderately critical 13∕25 AC:Basic/A:None/CI:Some/II:None/E:Theoretical/TD:All
Vulnerability: Access bypass
Description: This module enables you to import and export data from the GatherContent service.The module didnt properly protect its administrative paths.
Solution: Install the latest version:If you use the gathercontent module for Drupal 7.x, upgrade to gathercontent 7.x-3.5Also see the GatherContent project page.
---------------------------------------------
https://www.drupal.org/sa-contrib-2018-075
∗∗∗ DSA-4347 perl - security update ∗∗∗
---------------------------------------------
https://www.debian.org/security/2018/dsa-4347
∗∗∗ INVT Electric VT-Designer ∗∗∗
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-18-333-01
∗∗∗ IBM Security Bulletin: Potential Privilege escalation vulnerability in WebSphere Application Server (CVE-2018-1840) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-potential-privilege-escalation-vulnerability-in-websphere-application-server-cve-2018-1840/
∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Monitoring ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-tivoli-monitoring-6/
∗∗∗ OpenSSL and Intel processor SMT side-channel vulnerability (PortSmash) CVE-2018-5407 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K49711130
∗∗∗ USN-3833-1: Linux kernel (AWS) vulnerabilities ∗∗∗
---------------------------------------------
https://usn.ubuntu.com/3833-1/
∗∗∗ USN-3832-1: Linux kernel (AWS) vulnerabilities ∗∗∗
---------------------------------------------
https://usn.ubuntu.com/3832-1/
∗∗∗ HPESBHF03906 rev.1 - HPE Intelligent Management Center (IMC), Remote Buffer Overflow, Code Execution, Denial of Service ∗∗∗
---------------------------------------------
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03906en_us
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
More information about the Daily
mailing list