Tageszusammenfassung - 10.11.2017

End-of-Day report

Timeframe: Donnerstag 09-11-2017 18:00 − Freitag 10-11-2017 18:00 Handler: Nina Bieringer Co-Handler: Olaf Schwarz

News

∗∗∗ "Eavesdropper" Vulnerability Exposes Millions of Private Conversations ∗∗∗ Security researchers have discovered that tens of developers have left API credentials in hundreds of applications built around the Twilio service.

https://www.bleepingcomputer.com/news/security/-eavesdropper-vulnerability-exposes-millions-of-private-conversations/ ∗∗∗ Google Ranks Phishing Above Keyloggers & Password Reuse as Bigger Threat to Users ∗∗∗ Research carried out by Google engineers and academics from the University of California, Berkeley and the International Computer Science Institute has revealed that phishing attacks pose a more significant threat to users losing access to their Google accounts when compared to keyloggers or password reuse.

https://www.bleepingcomputer.com/news/security/google-ranks-phishing-above-keyloggers-and-password-reuse-as-bigger-threat-to-users/ ∗∗∗ First Android Malware Detected Using New "Toast Overlay" Attack ∗∗∗ A theoretical attack described by security researchers at the start of September has been integrated into a live malware distribution campaign for the first time.

https://www.bleepingcomputer.com/news/security/first-android-malware-detected-using-new-toast-overlay-attack/ ∗∗∗ Ordinypt: Erpressungstrojaner bedroht deutsche Firmen ∗∗∗ Allem Anschein nach geht in Deutschland ein neuer Trojaner um, der auf Personalabteilungen zielt und Lösegeld erpresst. Der in Delphi verfasste Trojaner lässt Opfern allerdings keine Chance, ihre Daten wiederzubekommen.

https://heise.de/-3887249 ∗∗∗ Achtung: Abzocker-Version des Windows Movie Maker ist Nummer Eins bei Google ∗∗∗ Eine gefälschte Version des nicht mehr von Microsoft angebotenen Windows Movie Maker verführt Opfer zum Download und bittet sie dann zur Kasse. Die Betrüger-Webseite hat es sogar ganz vorne in die Ergebnisse vieler Suchmaschinen geschafft.

https://heise.de/-3887323

Vulnerabilities

∗∗∗ Upcoming Security Updates for Adobe Reader and Acrobat (APSB17-36) ∗∗∗ A prenotification Security Advisory has been posted regarding upcoming Adobe Reader and Acrobat updates scheduled for Tuesday, November 14, 2017.

https://blogs.adobe.com/psirt/?p=1508 ∗∗∗ AutomationDirect CLICK, C-More, C-More Micro, GS Drives, and SL-Soft SOLO ∗∗∗

https://ics-cert.us-cert.gov/advisories/ICSA-17-313-01 ∗∗∗ Schneider Electric InduSoft Web Studio and InTouch Machine Edition ∗∗∗

https://ics-cert.us-cert.gov/advisories/ICSA-17-313-02 ∗∗∗ iOS 11.1.1 ∗∗∗

https://support.apple.com/kb/HT208255 ∗∗∗ DFN-CERT-2017-1998/">PostgreSQL: Mehrere Schwachstellen ermöglichen u.a. die Manipulation von Dateien ∗∗∗

https://portal.cert.dfn.de/adv/DFN-CERT-2017-1998/ ∗∗∗ DFN-CERT-2017-1995/">GitLab: Mehrere Schwachstellen ermöglichen das Ausspähen von Informationen ∗∗∗

https://portal.cert.dfn.de/adv/DFN-CERT-2017-1995/ ∗∗∗ IBM Security Bulletin: IBM Content Classification is affected by a Open Source Commons FileUpload Apache Vulnerabilities ∗∗∗

http://www.ibm.com/support/docview.wss?uid=swg22010229 ∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM QRadar Network Security Manager component of IBM Security SiteProtector System ∗∗∗

http://www-01.ibm.com/support/docview.wss?uid=swg22007568 ∗∗∗ SSA-901333 (Last Update 2017-11-09): KRACK Attacks Vulnerabilities in Industrial Products ∗∗∗

https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-901333.pdf ∗∗∗ VMSA-2017-0017 ∗∗∗

https://www.vmware.com/security/advisories/VMSA-2017-0017.html ∗∗∗ VMSA-2017-0016 ∗∗∗

https://www.vmware.com/security/advisories/VMSA-2017-0016.html