Daily summary - Tuesday 30-05-2017

End-of-Shift report

Timeframe: Monday 29-05-2017 18:00 − Tuesday 30-05-2017 18:00
Handler: Stephan Richter
Co-Handler: n/a

Chrome Bug Allows Sites to Record Audio and Video Without a Visual Indicator

Ran Bar-Zik, a web developer at AOL, has discovered and reported a bug in Google Chrome that allows websites to record audio and video without showing a visual indicator. [...]

https://www.bleepingcomputer.com/news/security/chrome-bug-allows-sites-to-record-audio-and-video-without-a-visual-indicator/


5 incident response practices that keep enterprises from adapting to new threats

Security analysts within enterprises are living a nightmare that never ends. 24 hours a day, their organizations are being attacked by outside (and sometimes inside) perpetrators - hackers, hacktivists, competitors, disgruntled employees, etc. Attacks range in scope and sophistication, but are always there, haunting the security teams tasked with guarding against them. To cope with this never-ending, ever-changing slew of threats, most organizations rely on established best practices to [...]

https://www.helpnetsecurity.com/2017/05/30/incident-response-practices/


What business owners should pay attention to in IT security

Cyber attacks on companies become public almost every day. The damage is often considerable. Those who follow a few simple tips can significantly reduce the risk.

https://futurezone.at/b2b/darauf-sollen-unternehmer-bei-der-it-sicherheit-achten/266.869.752


Ransomware Jaff: Beware of e-mails with PDF attachments

At present, an increasing number of e-mails with a manipulated PDF document are landing in inboxes. Anyone who opens the document under Windows can be infected with the Jaff ransomware. It encrypts data and gives the files the extension .wlc.

https://heise.de/-3728073


FreeRADIUS: Authentication server far too trusting due to security vulnerability

When resuming TLS connections, the authentication server FreeRADIUS under certain circumstances does not check whether the user ever authenticated correctly in the first place. For software whose job is to verify logins, this is fatal.

https://heise.de/-3728535


SANS Securing the Human Security Awareness Report 2017

[...] The report highlights what successful programs do right to change behavior and what lagging programs can do to improve and move beyond compliance.

https://securingthehuman.sans.org/resources/security-awareness-report-2017
https://securingthehuman.sans.org/media/resources/STH-SecurityAwarenessReport-2017.pdf


The Most Common Social Engineering Attacks

Many years ago, one of the world's most popular hackers, Kevin Mitnick, explained in his book "The Art of Deception" the power of social engineering techniques. Today we are aware that social engineering can be combined with hacking to power insidious attacks. Let's consider for example social media and mobile platforms; they are considered powerful attack [...]

http://resources.infosecinstitute.com/common-social-engineering-attacks/


Serviio PRO 1.8 DLNA Media Streaming Server REST API Arbitrary Code Execution

The version of Serviio installed on the remote Windows/Linux host is affected by an unauthenticated password modification vulnerability due to improper access control enforcement of the Configuration REST API. A remote attacker can exploit this, via a specially crafted request, to change the login password for the mediabrowser protected page.

http://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5408.php


IBM Security Bulletin: Security vulnerabilities in IBM Java Runtime affect IBM RLKS Administration and Reporting Tool Admin

http://www.ibm.com/support/docview.wss?uid=swg22001029


IBM Security Bulletin: A vulnerability in IBM Java SDK affects IBM Standards Processing Engine and IBM Transformation Extender Advanced (CVE-2016-5597)

http://www-01.ibm.com/support/docview.wss?uid=swg22003602