End-of-Shift report
Timeframe: Freitag 16-12-2016 18:00 − Montag 19-12-2016 18:00
Handler: Robert Waldner
Co-Handler: Alexander Riepl
Vuln: Exim CVE-2016-9963 Unspecified Information Disclosure Vulnerability
http://www.securityfocus.com/bid/94947
Blocking Powershell Connection via Windows Firewall.
In my last post, I mapped controls to stop a malicious doc calling out via Powershell. Im now going to cover how using the Windows firewall can stop the attack ..
https://isc.sans.edu/diary.html?storyid=21829
The banker that encrypted files
Many mobile bankers can block a device in order to extort money from its user. But we have discovered a modification of the mobile banking Trojan Trojan-Banker.AndroidOS.Faketoken that went even further – it can encrypt user data. In addition to that, this modification is attacking more than 2,000 financial apps around the world.
http://securelist.com/blog/research/76913/the-banker-that-encrypted-files/
IBM Security Bulletin: Code execution vulnerability in IBM MessageSight (CVE-2016-5983)
There is a potential code execution vulnerability in WebSphere Application Server Liberty Profile ..
http://www.ibm.com/support/docview.wss?uid=swg21995510
IBM Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring embedded WebSphere Application Server
The following security issues have been identified in WebSphere Application Server ..
http://www-01.ibm.com/support/docview.wss?uid=swg21995683
IBM Security Bulletin: Multiple vulnerabilities in IBM WebSphere affect IBM Control Center (CVE-2016-5983, CVE-2016-2923, CVE-2016-3092)
IBM WebSphere Application Server is shipped as a component of IBM Control Center. Multiple ..
http://www-01.ibm.com/support/docview.wss?uid=swg21995686
IBM Security Bulletin: Reflected XXS vulnerability in IBM Campaign (CVE-2016-0265)
Reflected cross-site scripting vulnerability affecting IBM Campaign has been addressed. CVE(s): CVE-2016-0265 ..
http://www-01.ibm.com/support/docview.wss?uid=swg21986033