Tageszusammenfassung - Dienstag 18-10-2016

End-of-Shift report

Timeframe: Montag 17-10-2016 18:00 − Dienstag 18-10-2016 18:00 Handler: Robert Waldner Co-Handler: Alexander Riepl

Security baseline for Windows 10 v1607 (“Anniversary edition”) and Windows Server 2016

Microsoft is pleased to announce the release of the security configuration baseline settings for Windows 10 version 1607, also known as “Anniversary edition” ..

https://blogs.technet.microsoft.com/secguide/2016/10/17/security-baseline-for-windows-10-v1607-anniversary-edition-and-windows-server-2016/

---

New-looking Sundown EK drops Smoke Loader, Kronos banker

In this post we take a quick glance at some changes made to the Sundown exploit kit. The landing page has been tweaked and uses various obfuscation techniques. Sundown is used in some smaller campaigns and in this particular case ..

https://blog.malwarebytes.com/threat-analysis/2016/10/new-looking-sundown-ek-drops-smoke-loader-kronos-banker/

---

Magento Credit Card Swiper Exports to Image

Over the past year we have seen a rash of credit card swipers in Magento and other ecommerce-based websites. In fact, we have been finding new variants nearly every week. It is no surprise that ecommerce sites are ..

https://blog.sucuri.net/2016/10/magento-credit-card-swiper-exports-image.html

---

ZDI-16-570: Novell NetIQ Sentinel Commons DiskFileItem Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell NetIQ Sentinel. Authentication is not required to exploit this vulnerability.

http://www.zerodayinitiative.com/advisories/ZDI-16-570/

---

Security Advisory - Hardcoded SSH Key Vulnerability in Some Huawei Storage Products

http://www.huawei.com/en/psirt/security-advisories/2016/huawei-sa-20161017-01-storage-en

---

Audit sees VeraCrypt kils critical password recovery, cipher flaws

Patches slung at 11 bad bugs Security researchers have found eight critical, three medium, and 15 low .. www.theregister.co.uk/2016/10/18/veracrypt_audit/

iOS 10.0.3

https://support.apple.com/en-us/HT207263

---

Hajime: Analysis of a decentralized internet worm for IoT devices [PDF]

Though worms which target IoT devices are not new, they are rising in prominence lately due to the generally wea k security such devices have. What makes Hajime ..

https://security.rapiditynetworks.com/publications/2016-10-16/hajime.pdf

---

Netzob: Reverse Engineering Communication Protocols

Netzob is an open source tool for reverse engineering, traffic generation and fuzzing of ..

https://www.netzob.org/

---

Halfway there! Firefox users now visit over 50% of pages via HTTPS

Mozilla telemetry shows sites using HTTPS for more secure browsing now outnumber plain old HTTP.

https://nakedsecurity.sophos.com/2016/10/18/halfway-there-firefox-users-now-visit-over-50-of-pages-via-https/

---

Malware verkauft: 22-Jähriger muss in Deutschland vor Gericht

Ein 22-Jähriger soll in 4.000 Fällen Trojaner, Viren und andere Malware verkauft haben. Jetzt muss er sich dafür vor Gericht verantworten. - https://futurezone.at/digital-life/malware-verkauft-22-jaehriger-muss-in-deutschland-vor-gericht/226.086.034