[CERT-daily] Daily summary - 14.09.2018
Daily end-of-shift report
team at cert.at
Fri Sep 14 18:08:59 CEST 2018
=====================
= End-of-Day report =
=====================
Timeframe: Thursday 13-09-2018 18:00 − Friday 14-09-2018 18:00
Handler: Alexander Riepl
Co-Handler: n/a
=====================
= News =
=====================
∗∗∗ Interesting approach: Skill Squatting with Amazon Echo ∗∗∗
---------------------------------------------
Mishearing something every once in a while is a normal thing for humans. In that respect, Amazon Echo has some human characteristics as well. A research team from the University of Illinois has taken a closer look at Echo, Alexa and the abuse potential for malicious Alexa skills. They have presented their findings at the Usenix conference.
---------------------------------------------
https://www.gdatasoftware.com/blog/2018/09/31112-skill-squatting-amazon-echo
∗∗∗ Windows, Linux Kodi Users Infected With Cryptomining Malware ∗∗∗
---------------------------------------------
An anonymous reader quotes a report from ZDNet: Users of Kodi, a popular media player and platform designed for TVs and online streaming, have been the targets of a malware campaign, ZDNet has learned from cyber-security firm ..
---------------------------------------------
https://it.slashdot.org/story/18/09/13/2118233/windows-linux-kodi-users-infected-with-cryptomining-malware
∗∗∗ Apple Has Started Paying Hackers for iPhone Exploits ∗∗∗
---------------------------------------------
Lorenzo Franceschi-Bicchierai, reporting for Motherboard: In 2016, Apple's head of security surprised the attendees of one of the biggest security conferences in the world by announcing a bug bounty program for Apple's mobile operating ..
---------------------------------------------
https://it.slashdot.org/story/18/09/14/1441201/apple-has-started-paying-hackers-for-iphone-exploits
∗∗∗ Unsuccessfully Defaced Websites ∗∗∗
---------------------------------------------
Defaced websites are a type of hack that is easy to notice and a pain for website owners. Recently, we came across some defacement pages with a peculiar JavaScript injection included in the source code. What is a ..
---------------------------------------------
https://blog.sucuri.net/2018/09/unsuccessfully-defaced-websites.html
∗∗∗ DarkCloud Bootkit ∗∗∗
---------------------------------------------
In an earlier blog about crypto-malware, we described different techniques used by cybercriminals, such as cryptomining and wallet stealing. In this blog, we will provide a technical analysis of yet another type of ..
---------------------------------------------
https://www.zscaler.com/blogs/research/darkcloud-bootkit
∗∗∗ Bug in Intel's ME firmware: BIOS updates needed again ∗∗∗
---------------------------------------------
The Russian experts from PTE have once again discovered a serious bug involving cryptographic keys in Intel's Management Engine (ME).
---------------------------------------------
https://heise.de/-4165732
∗∗∗ GlobeImposter use new ways to spread to the globe: How to prevent falling victims? ∗∗∗
---------------------------------------------
Recently, there have been many incidents of ransomware attacks. Once users are ..
---------------------------------------------
https://blog.360totalsecurity.com/en/globeimposter-use-new-ways-to-spread-to-the-globe-how-to-prevent-falling-victims/
∗∗∗ Hacking an assault tank… A Nerf one ∗∗∗
---------------------------------------------
TL;DR A complex, challenging reverse and hijack of a toy tank Nerf gun camera, but the result was we got to shoot the 44Con conference organiser with it! Why A remote-controlled Nerf gun with ..
---------------------------------------------
https://www.pentestpartners.com/security-blog/hacking-an-assault-tank-a-nerf-one/
=====================
= Vulnerabilities =
=====================
∗∗∗ Honeywell Mobile Computers with Android Operating Systems ∗∗∗
---------------------------------------------
This advisory includes mitigations for an improper privilege management vulnerability in the Honeywell mobile computers running the Android Operating System.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-18-256-01
∗∗∗ CVE-2018-16962: Webroot SecureAnywhere macOS Kernel Level Memory Corruption ∗∗∗
---------------------------------------------
https://trustwave.com/Resources/SpiderLabs-Blog/CVE-2018-16962--Webroot-SecureAnywhere-macOS-Kernel-Level-Memory-Corruption/
∗∗∗ HPESBHF03866 rev.1 - HPE Integrated Lights-Out 3,4,5 using SSH, Remote Execution of Arbitrary Code and Disclosure of Sensitive Information ∗∗∗
---------------------------------------------
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03866en_us
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily