End-of-Shift report
Timeframe: Wednesday 14-06-2017 18:00 − Friday 16-06-2017 18:00
Handler: Olaf Schwarz
Co-Handler: n/a
Former Major Player Neutrino Exploit Kit Has Gone Dark
The Neutrino exploit kit, a former leader of the exploit kit market, appears to have shut down, with the last activity recorded at the start of April, well over two months ago.
https://www.bleepingcomputer.com/news/security/former-major-player-neutrino-exploit-kit-has-gone-dark/
SAP Security Patch Day - June 2017
This post by the SAP Product Security Response Team shares information on Patch Day Security Notes that are released on the second Tuesday of every month and fix vulnerabilities discovered in SAP products.
https://blogs.sap.com/2017/06/13/sap-security-patch-day-june2017/
Decryption tool for Jaff ransomware released
A security researcher at Kaspersky has discovered a vulnerability in the code of the Jaff ransomware. Affected users can now decrypt their data with a free tool.
https://heise.de/-3744042
New cyber security information service launched today by ENISA
ENISA launched today its new cyber security information service "Cyber Security Info Notes" with the aim to provide timely key information and recommendations on cyber security topics and incidents.
https://www.enisa.europa.eu/news/enisa-news/new-cyber-security-information-service-launched-today-by-enisa
Wikileaks Unveils Cherry Blossom - Wireless Hacking System Used by CIA
WikiLeaks has published a new batch of the ongoing Vault 7 leak, this time detailing a framework - which is being used by the CIA for monitoring the Internet activity of the targeted systems by exploiting vulnerabilities in Wi-Fi devices.
https://thehackernews.com/2017/06/cia-wireless-router-hacking-tool.html
Samsung domain expired: millions of smartphones were open to hackers, according to experts
According to security researchers, hackers could have injected malware - Samsung denies this
http://derstandard.at/2000059348103
Developer Creates Rootkit That Hides in PHP Server Modules
A Dutch web developer has created a rootkit that hides inside a PHP module and can be used to take over web servers via a rarely used attack vector: Apache modules.
https://www.bleepingcomputer.com/news/security/developer-creates-rootkit-that-hides-in-php-server-modules/
No patch for denial-of-service vulnerability in Windows Server
The Windows Internet Name Service (WINS) in Windows Server has a denial-of-service vulnerability that Microsoft will not patch - the effort would be too great. Anyone still using the service should switch to DNS instead.
https://heise.de/-3744148
Cyber Security Notification - MicroSCADA Pro SYS600 and CRASHOVERRIDE
http://search.abb.com/library/Download.aspx?DocumentID=9AKK107045A0857&LanguageCode=en&DocumentPartId=&Action=Launch
Bugtraq: ESA-2017-043: EMC ESRS Virtual Edition Authentication Bypass Vulnerability
http://www.securityfocus.com/archive/1/540721
DFN-CERT-2017-1030 ISC BIND: Two vulnerabilities allow, among other things, privilege escalation
https://portal.cert.dfn.de/adv/DFN-CERT-2017-1030/
Siemens
Siemens devices using the PROFINET Discovery and Configuration Protocol (Update A)
https://ics-cert.us-cert.gov/advisories/ICSA-17-129-01A
Siemens devices using the PROFINET Discovery and Configuration Protocol (Update A)
https://ics-cert.us-cert.gov/advisories/ICSA-17-129-02A
IBM Security Bulletins
IBM Security Bulletin: Multiple Mozilla Firefox vulnerability issues in IBM Storwize V7000 Unified.
http://www.ibm.com/support/docview.wss?uid=ssg1S1010301
IBM Security Bulletin: Multiple vulnerabilities in ntp affect IBM Flex System Manager (FSM)
http://www-01.ibm.com/support/docview.wss?uid=isg3T1025390
IBM Security Bulletin: Multiple vulnerabilities in curl affect IBM Flex System Manager (FSM)
http://www-01.ibm.com/support/docview.wss?uid=isg3T1025395
IBM Security Bulletin: Multiple vulnerabilities in libxml2 affect IBM Flex System Manager (FSM)
http://www-01.ibm.com/support/docview.wss?uid=isg3T1025389
IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Flex System Manager (FSM)
http://www-01.ibm.com/support/docview.wss?uid=isg3T1024890
IBM Security Bulletin: Vulnerability CVE-2017-7494 in Samba affects IBM i
http://www-01.ibm.com/support/docview.wss?uid=nas8N1022134
IBM Security Bulletin: A vulnerability in Samba affects IBM Spectrum Scale SMB protocol access method (CVE-2017-7494)
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1010317
IBM Security Bulletin: Vulnerability in IBM Java SDK affects multiple IBM Rational products based on IBM Jazz technology
http://www.ibm.com/support/docview.wss?uid=swg22004599
IBM Security Bulletin: IBM MQ and IBM MQ Appliance Open Source zlib is vulnerable to a denial of service (CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843)
http://www-01.ibm.com/support/docview.wss?uid=swg22001520