[CERT-daily] Tageszusammenfassung - 11.01.2019

Daily end-of-shift report team at cert.at
Fri Jan 11 18:13:24 CET 2019


=====================
= End-of-Day report =
=====================

Timeframe:   Donnerstag 10-01-2019 18:00 − Freitag 11-01-2019 18:00
Handler:     Dimitri Robl
Co-Handler:  n/a

=====================
=       News        =
=====================

∗∗∗ Datenleak - mal ganz ohne Hype ∗∗∗
---------------------------------------------
Datenleak - mal ganz ohne Hype11. Jänner 2019Man hätte sich in den letzten Tagen enorm anstrengen müssen, um der Berichterstattung zu dem vor knapp einer Woche in Deutschland bekannt gewordenen Datenleak zu entgehen.Um es trotzdem nochmal kurz zusammenzufassen: Unbekannte Täter veröffentlichten im Laufe des Dezembers Dokumente und persönliche Informationen hunderter deutscher Politiker und anderer Personen des öffentlichen Lebens in Form eines bizarren
---------------------------------------------
http://www.cert.at/services/blog/20190111135415-2348.html


∗∗∗ Vivy & Co.: Gesundheitsapps kranken an der Sicherheit ∗∗∗
---------------------------------------------
Mit Sicherheitsversprechen geizen die Hersteller von Gesundheitsapps wahrlich nicht. Doch wie ist es wirklich darum bestellt? (Medizin, Gesundheitskarte)
---------------------------------------------
https://www.golem.de/news/vivy-co-gesundheitsapps-kranken-an-der-sicherheit-1901-138622-rss.html


∗∗∗ Using Wireshark – Display Filter Expressions ∗∗∗
---------------------------------------------
As a Threat Intelligence Analyst for Palo Alto Networks Unit 42, I often use Wireshark to review packet captures (pcaps) of network traffic generated by malware samples. To better accomplish this work, I use a customized Wireshark column display as described my previous blog about using Wireshark. Today’s post provides more tips for analysts toThe post Using Wireshark – Display Filter Expressions appeared first on Unit42.
---------------------------------------------
https://unit42.paloaltonetworks.com/using-wireshark-display-filter-expressions/


∗∗∗ Windows 10 Experts Guide: Everything you need to know about BitLocker ∗∗∗
---------------------------------------------
Encrypting every bit of data on a Windows 10 PC is a crucial security precaution. Every edition of Windows 10 includes strong encryption options, with business editions having the best set of management tools. Heres a hands-on guide.
---------------------------------------------
https://www.zdnet.com/article/windows-10-experts-guide-everything-you-need-to-know-about-bitlocker/#ftag=RSSbaffb68



=====================
=  Vulnerabilities  =
=====================

∗∗∗ Emerson DeltaV ∗∗∗
---------------------------------------------
This advisory provides mitigation recommendations for an authentication bypass vulnerability in Emersons DeltaV distributed control system workstation products.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-19-010-01


∗∗∗ Omron CX-One CX-Protocol ∗∗∗
---------------------------------------------
This advisory provides mitigation recommendations for a type confusion vulnerability in Omrons CX-Protocol within the CX-One software.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-19-010-02


∗∗∗ Pilz PNOZmulti Configurator ∗∗∗
---------------------------------------------
This advisory provides mitigation recommendations for a clear-text storage of sensitive information vulnerability in the Pilz PNOZmulti Configurator, a safety circuit configuration tool.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-19-010-03


∗∗∗ Tridium Niagara Enterprise Security, Niagara AX, and Niagara 4 ∗∗∗
---------------------------------------------
This advisory was originally posted to the HSIN ICS-CERT library on November 29, 2018, and is now being released to the NCCIC/ICS-CERT website. This advisory provides mitigation recommendations for a cross-site scripting vulnerability reported in the Tridium Niagara Enterprise Security, the Niagara AX, and the Niagara 4 products.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-18-333-02


∗∗∗ USN-3855-1: systemd vulnerabilities ∗∗∗
---------------------------------------------
systemd vulnerabilitiesA security issue affects these releases of Ubuntu and its derivatives:Ubuntu 18.10Ubuntu 18.04 LTSUbuntu 16.04 LTSSummarySeveral security issues were fixed in systemd.Software Descriptionsystemd - system and service managerDetailsIt was discovered that systemd-journald allocated variable-length buffersfor certain message fields on the stack. A local attacker couldpotentially exploit this to cause a denial of service, or executearbitrary code.
---------------------------------------------
https://usn.ubuntu.com/3855-1/


∗∗∗ Sicherheitslücken (teils kritisch) in Juniper ATP, Junos OS und Space OS Software - Patches verfügbar ∗∗∗
---------------------------------------------
Sicherheitslücken (teils kritisch) in Juniper ATP, Junos OS und Space OS Software - Patches verfügbar 11. Jänner 2019  Beschreibung Der Netzwerkausrüster Juniper hat mehrere Security Advisories zu teils kritischen Sicherheitslücken in Juniper Space OS, Junos OS und ATP Software veröffentlicht.  Zwei der Schwachstellen in Juniper ATP werden mit dem höchstmöglichen CVSS3 Score von 10 als kritisch eingestuft:   CVE-2019-0020, CVE-2019-0022 [...]
---------------------------------------------
http://www.cert.at/warnings/all/20190111.html


∗∗∗ Security updates for Friday ∗∗∗
---------------------------------------------
Security updates have been issued by Arch Linux (systemd and wireshark-cli), Debian (libsndfile and tmpreaper), Fedora (beep, electrum, gnutls, haproxy, krb5, mupdf, php-horde-Horde-Image, python-django, and wget), Mageia (libarchive and terminology), openSUSE (libraw, polkit, and singularity), SUSE (haproxy, java-1_8_0-openjdk, LibVNCServer, and webkit2gtk3), and Ubuntu (exiv2, gnupg2, and webkit2gtk).
---------------------------------------------
https://lwn.net/Articles/776518/


∗∗∗ ZDI-19-013: (0day) Microsoft Windows vcf File Insufficient UI Warning Remote Code Execution Vulnerability ∗∗∗
---------------------------------------------
http://www.zerodayinitiative.com/advisories/ZDI-19-013/


∗∗∗ Format String Vulnerability in SSH username ∗∗∗
---------------------------------------------
https://fortiguard.com/psirt/FG-IR-18-018


∗∗∗ IBM Security Bulletin: IBM Security Identity Manager Virtual Appliance is affected by an IBM WebSphere Application Server vulnerability(CVE-2017-1788) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-security-identity-manager-virtual-appliance-is-affected-by-an-ibm-websphere-application-server-vulnerabilitycve-2017-1788/


∗∗∗ IBM Security Bulletin: IBM Security Identity Manager is affected by multiple vulnerabilities (CVE-2018-1956, CVE-2018-1969, CVE-2018-1967 ) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-security-identity-manager-is-affected-by-multiple-vulnerabilities-cve-2018-1956-cve-2018-1969-cve-2018-1967/


∗∗∗ IBM Security Bulletin: Potential Remote code execution vulnerability in WebSphere Application Server affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2018-1904) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-potential-remote-code-execution-vulnerability-in-websphere-application-server-affects-ibm-spectrum-control-formerly-tivoli-storage-productivity-center-cve-2018-1904/

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily




More information about the Daily mailing list