Daily Summary - Thursday 18-05-2017

End-of-Shift report

Timeframe: Wednesday 17-05-2017 18:00 − Thursday 18-05-2017 18:00 Handler: Stephan Richter Co-Handler: Alexander Riepl

Bootstrap - Critical - Information Disclosure - SA-CONTRIB-2017-048

This theme enables you to bridge the gap between the Bootstrap Framework and Drupal. The theme does not sufficiently exclude the submitted password value when an incorrect value ..

https://www.drupal.org/node/2879177


4022345 - Identifying and correcting failure of Windows Update client to receive updates - Version: 1.3

Microsoft is releasing this security advisory to provide information related to an uncommon deployment scenario in which the Windows Update Client may not properly scan for, or download, updates. This scenario may affect customers who installed ..

https://technet.microsoft.com/en-us/library/security/4022345


iPrint Appliance 2.0 Patch 5

iPrint Appliance 2.0 Patch 5 includes bug fixes, security fixes and a consolidation of previously released patches and hot patches for the iPrint Appliance 2.0.

https://download.novell.com/Download?buildid=nKiTte1j9yM~


iPrint Appliance 2.1 Patch 3

iPrint Appliance 2.1 Patch 3 is a cumulative patch including fixes from all the previous 2.1 patches and hot fixes.

https://download.novell.com/Download?buildid=4QmSWkUlwrA~


Indicators Associated With WannaCry Ransomware (Update B)

This updated alert is a follow-up to the updated alert titled ICS-ALERT-17-135-01A Indicators Associated With WannaCry Ransomware that was published May 16, 2017, on the NCCIC/ICS-CERT web site.

https://ics-cert.us-cert.gov/alerts/ICS-ALERT-17-135-01B


My Little CVE Bot

The massive spread of the WannaCry ransomware last Friday was another good proof that many organisations still fail to patch their systems. Everybody admits that patching is a boring task. There are many constraints that make this process very difficult to implement ..

https://isc.sans.edu/diary.html?storyid=22432


Handbrake trojan: source code of Mac developer studio Panic stolen

The malware “Proton”, which targets Mac users, has claimed its first prominent victim: unknown attackers stole the source code of several apps from the developer studio Panic. Customer data is not affected, the company stresses.

https://heise.de/-3716479


Why the most successful Retefe spam campaign never paid off

Switzerland has been one of the main targets of the Retefe banking trojan since its first appearance in November 2013. At ..

https://securityblog.switch.ch/2017/05/18/why-the-most-successful-retefe-spam-campaign-never-paid-off/


SSB-412479 (Last Update 2017-05-17): Customer Information on WannaCry Malware for Siemens Healthineers Imaging and Diagnostics Products

https://www.siemens.com/cert/pool/cert/siemens_security_bulletin_ssb-412479.pdf


[2017-05-18] Multiple critical vulnerabilities in Western Digital TV Media Player

Multiple critical vulnerabilities, such as unauthenticated arbitrary file upload or local file inclusion, within the WDTV Media Player devices allow an attacker to take over the device over the network.

https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20170518-0_WDTV_Media_Player_Multiple_critical_vulnerabilities_v10.txt


Security Alert: BlueDoom Worm Caught Spreading through EternalBlue, Integrates Batch of Leaked NSA Exploits

Unfortunately for users who haven’t patched their systems yet after the WannaCry ransomware campaign, there has been an increase in attempts to abuse the EternalBlue exploit in the past few ..

https://heimdalsecurity.com/blog/bluedoom-worm-eternablue-nsa-exploits/


ATM Black Box attacks: 27 arrested all over Europe

The efforts of a number of EU Member States and Norway, supported by Europol’s European Cybercrime Centre (EC3) and the Joint Cybercrime Action Taskforce (J-CAT), culminated in the arrest of 27 individuals linked with so-called ATM Black Box attacks across ..

https://www.helpnetsecurity.com/2017/05/18/black-box-attacks/


22 Cisco Security Advisories 2017-05-17

1 Critical, 3 High, 18 Medium

https://tools.cisco.com/security/center/publicationListing.x