Daily Summary - 21.11.2017

End-of-Day report

Timeframe: Monday 20-11-2017 18:00 − Tuesday 21-11-2017 18:00
Handler: Nina Bieringer
Co-Handler: Robert Waldner

News

∗∗∗ SSL Certificate Provider StartCom Shuts Down After Browser Ban ∗∗∗ Certificate Authority (CA) StartCom announced last week, on Friday, its intention to cease operations by 2018, and completely shut down its certificate infrastructure by ..

https://www.bleepingcomputer.com/news/security/ssl-certificate-provider-startcom-shuts-down-after-browser-ban/

∗∗∗ Factsheet Building a SOC: start small ∗∗∗ An increasingly common way to achieve visibility and control of information security is to implement a Security Operations Centre (SOC). In order for a SOC to function successfully, it must be tied in with the business processes. This makes building a SOC ..

https://www.ncsc.nl/english/current-topics/factsheets/factsheet-building-a-soc-start-small.html

∗∗∗ The Art of Fuzzing – Slides and Demos ∗∗∗ Over the last weeks I presented talks on the topic of fuzzing at conferences such as DefCamp, Heise Dev Sec, IT-SeCX and BSides Vienna. As promised, I make my slides and demos available to the public with this blog post.

https://www.sec-consult.com/en/blog/2017/11/the-art-of-fuzzing-slides-and-demos/index.html

∗∗∗ Critical vulnerability: Traffic from F5 BIG-IP appliances can be decrypted ∗∗∗ Firewalls, load balancers and other BIG-IP systems are vulnerable to an attack in which third parties can eavesdrop on the encrypted SSL traffic between client and appliance. Admins who have such systems in use ..

https://heise.de/-3895060

∗∗∗ Intel patches new Management Engine vulnerabilities (SA-00086) ∗∗∗ Intel's Security Advisory SA-00086 describes several flaws in the firmware of the Management Engine (ME 11.0 to 11.7), in Trusted Execution Engine 3.0 and in the Server Platform Services (SPS 4.0).

https://heise.de/-3895175

∗∗∗ OSX.Proton spreading through fake Symantec blog ∗∗∗ A new variant of the OSX.Proton malware is being promoted via a fake Symantec blog site.

https://blog.malwarebytes.com/threat-analysis/mac-threat-analysis/2017/11/osx-proton-spreading-through-fake-symantec-blog/

∗∗∗ Serious security problems in systems with current Intel processors ∗∗∗ Serious security problems in systems with current Intel processors. 21 November 2017. Description: As Intel reports (INTEL-SA-00086), there are currently several vulnerabilities in systems with ..

http://www.cert.at/warnings/all/20171121.html

Vulnerabilities

∗∗∗ Security Advisory 2017-07: Security Update for OTRS Framework ∗∗∗ Please read carefully and check if the version of your OTRS system is affected by this vulnerability. Please send information regarding vulnerabilities ..

https://www.otrs.com/security-advisory-2017-07-security-update-otrs-framework/

∗∗∗ Samba: Use-after-free vulnerability ∗∗∗ All versions of Samba from 4.0.0 onwards are vulnerable to a use after free vulnerability, where a malicious SMB1 request can be used to control the contents of heap memory via a deallocated heap pointer. It is possible this may be used to compromise the SMB server.

https://www.samba.org/samba/security/CVE-2017-14746.html

∗∗∗ Samba: Server heap memory information leak ∗∗∗ All versions of Samba from 3.6.0 onwards are vulnerable to a heap memory information leak, where server allocated heap memory may be returned to the client without being cleared.

https://www.samba.org/samba/security/CVE-2017-15275.html

∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect WebSphere Cast Iron ∗∗∗

http://www.ibm.com/support/docview.wss?uid=swg22009696

∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Collaboration and Deployment Services ∗∗∗

http://www-01.ibm.com/support/docview.wss?uid=swg22010685