[CERT-daily] Tageszusammenfassung - 30.12.2019

Mon Dec 30 18:08:19 CET 2019

=====================
= End-of-Day report =
=====================

Timeframe:   Freitag 27-12-2019 18:00 − Montag 30-12-2019 18:00
Handler:     Robert Waldner
Co-Handler:  Stephan Richter

=====================
=       News        =
=====================

∗∗∗ Lesser-known Tools for Android Application PenTesting ∗∗∗
---------------------------------------------
Over time, I became familiar with the different tools, popular or not, that helped me in my assessments. In this post, I’ll list down these not-so-popular tools (in my opinion based on the different sources and blogs that I have read where these tools were not mentioned) that I’m using during my engagements.
---------------------------------------------
https://captmeelo.com/pentest/2019/12/30/lesser-known-tools-for-android-pentest.html


∗∗∗ 36C3: Vertraue keinem Bluetooth-Gerät – schon gar nicht im vernetzten Auto ∗∗∗
---------------------------------------------
Bei Chips zur drahtlosen Datenübertragung etwa via Bluetooth gibt es massive Sicherheitslücken. Bei geteilten Antennen lässt sich etwa WLAN ausknipsen.
---------------------------------------------
https://heise.de/-4624388


=====================
=  Vulnerabilities  =
=====================

∗∗∗ Trend Micro AntiVirus für Mac: Schwachstelle ermöglicht Manipulation von Dateien ∗∗∗
---------------------------------------------
Trend Micro AntiVirus ist eine Anti-Viren-Software.
---------------------------------------------
https://www.bsi-fuer-buerger.de/SharedDocs/Warnmeldungen/DE/TW/2019/12/warnmeldung_tw-t19-0192.html


∗∗∗ Security updates for Friday ∗∗∗
---------------------------------------------
Security updates have been issued by SUSE (dia, kernel, and libgcrypt).
---------------------------------------------
https://lwn.net/Articles/808135/


∗∗∗ Security updates for Monday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (debian-lan-config, freeimage, imagemagick, libxml2, mediawiki, openssl1.0, php5, and tomcat8).
---------------------------------------------
https://lwn.net/Articles/808234/


∗∗∗ Intel SPS vulnerability CVE-2019-11109 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K54164678

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily