End-of-Shift report
Timeframe: Mittwoch 15-02-2017 18:00 − Donnerstag 16-02-2017 18:00
Handler: Alexander Riepl
Co-Handler: n/a
Metatag -Moderately Critical - Information disclosure - SA-CONTRIB-2017-019
https://www.drupal.org/node/2852937
Search API Sorts - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2017-016
https://www.drupal.org/node/2852922
Who Ran Leakedsource.com?
Late last month, multiple news outlets reported that unspecified law enforcement officials had seized the servers for Leakedsource.com, perhaps the largest online collection ..
https://krebsonsecurity.com/2017/02/who-ran-leakedsource-com/
Yahoo reveals more breachiness to users victimized by forged cookies
Some accounts may have been accessed with forged cookies as recently as 2016.
https://arstechnica.com/information-technology/2017/02/yahoo-reveals-more-breachiness-to-users-victimized-by-forged-cookies/
DSA-3789 libevent - security update
Several vulnerabilities were discovered in libevent, an asynchronousevent notification library. They would lead to Denial Of Service via application crash, or remote code execution.
https://www.debian.org/security/2017/dsa-3789
Ukraine verzeichnet 2016 Rekordzahl von Cyberangriffen
Chef des Inlandsgeheimdienstes vermeidet direkte Nennung Russlands
http://derstandard.at/2000052700282
Microsoft verschiebt Februar-Patches in den März
Diesen Monat gibt es keine Sicherheitspatches von Microsoft. Die eigentlich geplanten Updates will das ..
https://heise.de/-3627965
Blackberry liefert monatliche Sicherheitsupdates für alle Geräte
Im November war Blackberry aus dem Tritt geraten, versprochene Sicherheitsupdates für das DTEK50 kamen erst im Dezember. Nun hat sich die Versorgung wieder stabilisiert.
https://heise.de/-3627937
OpenSSL advisory 20170216
During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL to crash (dependent on ciphersuite). Both clients and servers are affected.
https://openssl.org/news/secadv/20170216.txt
Google was aware of Russian APT28 group years before others
Lorenzo Bicchierai from MotherBoard shared an interesting private report about Russian cyber espionage operations conducted by APT28, the document was leaked online by Google. The ..
http://securityaffairs.co/wordpress/56336/apt/apt28-leaked-report.html
Xen-Entwickler wollen weniger Sicherheitslücken offenlegen
Die Entwickler des Virtualisierungssystems Xen wollen weniger Sicherheitslücken öffentlich machen. Damit wollen sie vor allem Arbeit sparen, sorgen aber auch für eine klarere Linie im Umgang mit Schwachstellen.
https://heise.de/-3628690