Daily Summary - Tuesday 2-05-2017

End-of-Shift report

Timeframe: Friday 28-04-2017 18:00 − Tuesday 02-05-2017 18:00 Handler: Alexander Riepl Co-Handler: n/a

Exploiting .NET Managed DCOM

Posted by James Forshaw, Project Zero. One of the more interesting classes of security vulnerabilities are those affecting interoperability technology. This is because these vulnerabilities typically affect any application using the technology, regardless of what the application actually does. Also in many cases they’re difficult ..

http://googleprojectzero.blogspot.com/2017/04/exploiting-net-managed-dcom.html


2017 Verizon DBIR: Sex Sells, But the Basics Get It Done

This year’s Verizon Data Breach Investigations Report has been published, and as with its prior nine incarnations, the report is ..

https://www.beyondtrust.com/blog/2017-verizon-dbir-sex-sells-basics-get-done/


DSA-3838 ghostscript - security update

Several vulnerabilities were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which may lead to the execution of arbitrary code or denial of service if a specially crafted Postscript file is processed.

https://www.debian.org/security/2017/dsa-3838


7 Reasons Why IoT Hacks Will Keep Happening

Hacks happen almost on a daily basis, if not every minute of every day. In fact, some say that ..

https://safeandsavvy.f-secure.com/2017/04/28/7-reasons-why-iot-device-hacks-will-keep-happening/


DSA-3839 freetype - security update

Several vulnerabilities were discovered in Freetype. Opening malformed fonts may result in denial of service or the execution of arbitrary code.

https://www.debian.org/security/2017/dsa-3839


Researchers Pull Off Car Hack for 20 Euros

Cheap gadgets copy the key's unlock signal – many cars still affected

http://derstandard.at/2000056487404


Orange is the new Black: Hackers Leak Season 5

According to the hackers, this is only a foretaste. They threaten to release further films and series that are officially due out only months from now.

https://futurezone.at/digital-life/orange-is-the-new-black-hacker-leaken-staffel-5/261.279.707


"Dok": New Mac Malware Spies on Browsers

Can eavesdrop on all browser communication – currently targeting mainly European users

http://derstandard.at/2000056812916


Carbanak Continues To Evolve: Quietly Creeping into Remote Hosts

Introduction: I recently engaged in an investigation involving two new Carbanak campaigns targeting the hospitality ..

https://www.trustwave.com/Resources/SpiderLabs-Blog/Carbanak-Continues-To-Evolve--Quietly-Creeping-into-Remote-Hosts/


Intel's remote AMT vulnerability

Intel just announced a vulnerability in their Active Management Technology stack. Here's what we know so far. Background: Intel chipsets for some years have included a Management Engine, a small microprocessor that runs independently of the main CPU and operating ..

http://mjg59.dreamwidth.org/48429.html


IBM Warns Customers That Some of Its USB Flash Drives May Contain Malware

IBM issued a security alert last week, warning customers that some USB flash drives shipped with IBM Storwize products may contain malicious code.

https://www.bleepingcomputer.com/news/security/ibm-warns-customers-that-some-of-its-usb-flash-drives-may-contain-malware/


Security Updates: Jenkins Vulnerable in Multiple Ways

Under certain conditions, attackers could obtain elevated privileges or even execute malicious code.

https://heise.de/-3700838


Spam and phishing in Q1 2017

Although the beginning of Q1 2017 was marked by a decline in the amount of spam in overall global email traffic, in March the situation became more stable, and the average share of ..

http://securelist.com/analysis/quarterly-spam-reports/78221/spam-and-phishing-in-q1-2017/


Cerber Version 6 Shows How Far the Ransomware Has Come (and How Far it’ll Go)

Cerber set itself apart from other file-encrypting malware when its developers commoditized the malware, adopting a business model where fellow cybercriminals can buy the ransomware as a service. The developers earn through commissions—as much as 40%—for every ..

http://blog.trendmicro.com/trendlabs-security-intelligence/cerber-ransomware-evolution/


New Shodan Tool Can Find Malware Command and Control (C&C) Servers

Shodan and Recorded Future today launched a search engine for discovering malware command-and-control (C&C) servers. Named Malware Hunter, this new tool is integrated into ..

https://www.bleepingcomputer.com/news/security/new-shodan-tool-can-find-malware-command-and-control-candc-servers/


Security Scoring and Grading for Containers and Images

We have just rolled out an update to the interface of the Red Hat Container Catalog that helps provide the answer to the question of whether or not a particular container image we provide ..

https://access.redhat.com/blogs/product-security/posts/container-security-scoring


Citrix XenServer Multiple Security Updates

A number of security issues have been identified within Citrix XenServer. These issues could, if exploited, allow a malicious ..

https://support.citrix.com/article/CTX223291