End-of-Shift report
Timeframe: Donnerstag 27-04-2017 18:00 − Freitag 28-04-2017 18:00
Handler: Alexander Riepl
Co-Handler: n/a
GE Multilin SR Protective Relays
This advisory contains mitigation details for a weak cryptography for passwords vulnerability in GEs Multilin SR protective relays.
https://ics-cert.us-cert.gov/advisories/ICSA-17-117-01
Chrome to Mark More HTTP Pages ‘Not Secure’
Starting with Chrome 62, Google will start marking any HTTP page where users may enter data, ..
http://threatpost.com/chrome-to-mark-more-http-pages-not-secure/125255/
Russian-controlled telecom hijacks financial services’ Internet traffic
Visa, MasterCard, and Symantec among dozens affected by "suspicious" BGP mishap.
https://arstechnica.com/security/2017/04/russian-controlled-telecom-hijacks-financial-services-internet-traffic/
DSA-3836 weechat - security update
It was discovered that weechat, a fast and light chat client, is proneto a buffer overflow vulnerability in the IRC plugin, allowing a remote attacker to cause a denial-of-service by sending a specially crafted filename via DCC.
https://www.debian.org/security/2017/dsa-3836
DSA-3837 libreoffice - security update
It was discovered that a buffer overflow in processing Windows Metafiles may result in denial of service or the execution of arbitrary code if a malformed document is opened.
https://www.debian.org/security/2017/dsa-3837
New MacOS Malware, Signed With Legit Apple ID, Found Spying On HTTPS Traffic
Many people believe that they are much less likely to be bothered by malware if they use a Mac computer, but is it really true? Unfortunately, No. According to the McAfee Labs, malware attacks on Apples Mac computers were up 744% in 2016, and its researchers ..
https://thehackernews.com/2017/04/apple-mac-malware.html
Http 81 Botnet: the Comparison against MIRAI and New Findings
OverviewIn our previous blog, we introduced a new IoT botnet spreading over http 81. We will name it in this blog the http81 IoT botnet, while some anti-virus software name it Persirai, and some ..
http://blog.netlab.360.com/http-81-botnet-the-comparison-against-mirai-and-new-findings-en/
Facebook und Google überwiesen Betrüger 100 Millionen Dollar
Litauer gab sich als Vertreter von Hardware-Zulieferer aus, Beträge zu großem Teil zurückgeholt
http://derstandard.at/2000056723656