End-of-Shift report
Timeframe: Tuesday 10-05-2016 18:00 − Wednesday 11-05-2016 18:00
Handler: Stephan Richter
Co-Handler: Alexander Riepl
Security Advisory posted for Adobe Flash Player (APSA16-02)
A Security Advisory (APSA16-02) has been published regarding a critical vulnerability (CVE-2016-4117) in Adobe Flash Player. Adobe is aware of a report that an exploit ..
https://blogs.adobe.com/psirt/?p=1346
Security Updates for Adobe Acrobat and Reader and Hotfixes for ColdFusion Available
Security Bulletins for Adobe Acrobat and Reader (APSB16-14) as well as ColdFusion (APSB16-16) have been published. Adobe recommends users update their product installations to the latest versions using the instructions in the relevant security ..
https://blogs.adobe.com/psirt/?p=1350
IBM Security Bulletin: The Elastic Storage Server and the GPFS Storage Server are affected by vulnerabilities in IBM Spectrum Scale (CVE-2016-0263, CVE-2016-0361)
http://www.ibm.com/support/docview.wss?uid=isg3T1023767
MS16-MAY - Microsoft Security Bulletin Summary for May 2016 - Version: 1.0
https://technet.microsoft.com/en-us/library/security/MS16-MAY
May 2016 security update release
Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month's security ..
https://blogs.technet.microsoft.com/msrc/2016/05/10/may-2016-security-update-release/
5 security experts share their best tips for 'fringe' devices
What is a 'fringe' device in IT? For some, it's a gadget everyone has forgotten about - a printer in a corner office, an Android tablet in a public area used to schedule conference rooms. A fringe device can also be one that's common enough to be used ..
http://www.cio.com/article/3068406/security/5-security-experts-share-their-best-tips-for-fringe-devices.html
Panasonic FPWIN Pro Vulnerabilities
This advisory contains mitigation details concerning buffer overflow vulnerabilities in Panasonic FPWIN Pro software.
https://ics-cert.us-cert.gov/advisories/ICSA-16-131-01
DSA-3574 libarchive - security update
Rock Stevens, Andrew Ruef and Marcin Icewall Noga discovered a heap-based buffer overflow vulnerability in the zip_read_mac_metadata function in libarchive, a multi-format archive and compression library, which may ..
https://www.debian.org/security/2016/dsa-3574
It's time to get serious about ICS cybersecurity
As recently reported by The Register, a proof-of-concept PLC worm could spell disaster for the critical infrastructure by making attacks exponentially more difficult to detect and stop. Unfortunately, the proof of concept of a PLC worm is a viable scenario which could cause immeasurable ..
https://www.helpnetsecurity.com/2016/05/11/time-get-serious-ics-cybersecurity/
Patch day: Microsoft closes zero-day vulnerability in Internet Explorer
As every month, May once again brings the same message for Windows users: install patches quickly now! This time it is especially urgent, because a vulnerability closed on this patch day was already being actively exploited for attacks before its disclosure.
http://heise.de/-3202816
Multiple JVC HDRs and Net Cameras - Multiple Vulnerabilities
https://cxsecurity.com/issue/WLB-2016050040
The Art of Searching for Open Source Intelligence
The Internet is a big ocean, and it carries loads of information you might be interested in or looking for, but where and how to find that information? Thanks to search engines like Google that make the searches using a query possible, ..
http://resources.infosecinstitute.com/the-art-of-searching-for-open-source-intelligence/
CryptXXX 2.0 foils decryption tool, locks PCs
CryptXXX ransomware, first spotted in mid-April, has reached version 2.0, and a new level of nastiness. It's also on its way to become one of the top ransomware families in the wild. The malware's first version would encrypt files but leave ..
https://www.helpnetsecurity.com/2016/05/11/cryptxxx-2-0-foils-decryption/
Adobe takes its time with patch for exploited vulnerability
With the security update for Flash Player, Adobe is taking more time than users need to uninstall the software.
http://www.golem.de/news/kritische-flash-luecke-adobe-laesst-sich-zeit-mit-patch-fuer-ausgenutzte-luecke-1605-120841.html
Background: Dridex analyzed
A short series of articles shows how to take apart a botnet client with a debugger.
http://heise.de/-3204362
TA16-132A: Exploitation of SAP Business Applications
Original release date: May 11, 2016 Systems Affected Outdated or misconfigured SAP systems Overview At least 36 organizations worldwide are affected by an SAP vulnerability [1]. Security researchers from Onapsis discovered ..
https://www.us-cert.gov/ncas/alerts/TA16-132A
Updated factsheets security of ICS/SCADA systems
Malicious persons and security researchers show interest in the (lack of) security of industrial control systems. This relates not only to 'traditional' ICS/SCADA systems, but also to building management systems (incl. HVAC and CCTV).
https://www.ncsc.nl/english/current-topics/news/updated-factsheets-security-of-ics-scada-systems.html
IBM Security Bulletin: Multiple vulnerabilities in Samba affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance
http://www.ibm.com/support/docview.wss?uid=swg2C1000130
IBM Security Bulletin: IBM Emptoris Sourcing is affected by open redirect vulnerability (CVE-2016-0329).
http://www.ibm.com/support/docview.wss?uid=swg21982629
IBM Security Bulletin: Multiple vulnerabilities in Libxml2 affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance
http://www.ibm.com/support/docview.wss?uid=swg2C1000110