Daily Summary - 29.09.2017

End-of-Day report

Timeframe: Thursday 28-09-2017 18:00 − Friday 29-09-2017 18:00
Handler: Alexander Riepl
Co-Handler: Stephan Richter


∗∗∗ Macs Not Receiving EFI Firmware Security Updates as Expected ∗∗∗ Researchers at Duo Security are expected today at Ekoparty to reveal data and a paper that shows Mac users are not receiving EFI firmware updates as expected.

http://threatpost.com/macs-not-receiving-efi-firmware-security-updates-as-expected/128191/

∗∗∗ ICANN Postpones Scheduled DNS Crypto Key Rollover ∗∗∗ ICANN, the overseer of the Internet’s namespace, announced this week that it was postponing a scheduled change to the cryptographic key that protects the Domain Name System.

http://threatpost.com/icann-postpones-scheduled-dns-crypto-key-rollover/128212/

∗∗∗ Fake Plugins, Fake Security ∗∗∗ Update: The plugin name is fake and has nothing to do with the well-known WP-SpamShield plugin in the official WordPress plugin repository. WordPress users are becoming increasingly more aware of security threats and as a result they are taking more actions to secure their websites (e.g. by installing security plugins). While this is a good thing, there are always black hats trying to take advantage of new opportunities to compromise websites.

https://blog.sucuri.net/2017/09/fake-plugins-fake-security.html

∗∗∗ WiNX: The Ultra-Portable Wireless Attacking Platform ∗∗∗ When you are performing penetration tests for your customers, you need to build your personal arsenal. Tools, pieces of hardware and software are collected here and there depending on your engagements to increase your toolbox. To perform Wireless intrusion tests, I’m a big fan of the WiFi Pineapple. I’ve one for [...]

https://blog.rootshell.be/2017/09/28/winx-ultra-portable-wireless-attacking-platform/

∗∗∗ Anonymization: Security Updates for Tor Browser and Tails ∗∗∗ Tor Browser is now based on a secured version of Firefox ESR. In Tails, the developers have closed various security vulnerabilities, including BlueBorne, and advise updating promptly.



∗∗∗ DSA-3985 chromium-browser - security update ∗∗∗ Several vulnerabilities have been discovered in the chromium web browser.

https://www.debian.org/security/2017/dsa-3985

∗∗∗ DFN-CERT-2017-1713: OpenVPN: A vulnerability allows a denial-of-service attack ∗∗∗

https://portal.cert.dfn.de/adv/DFN-CERT-2017-1713/

∗∗∗ IBM Security Bulletin: IBM WebSphere Commerce has a vulnerability in Marketing ESpots that could cause a denial of service (CVE-2017-1569) ∗∗∗

http://www.ibm.com/support/docview.wss?uid=swg22008547

∗∗∗ IBM Security Bulletin: eDiscovery Manager is affected by an Open Source Apache POI Vulnerability ∗∗∗

https://www-01.ibm.com/support/docview.wss?uid=swg22005630

∗∗∗ IBM Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, Business Process Manager, IBM Tivoli Monitoring shipped with IBM Cloud Orchestrator (CVE-2017-1194) ∗∗∗

http://www.ibm.com/support/docview.wss?uid=swg2C1000343

∗∗∗ IBM Security Bulletin: A security vulnerability has been identified in IBM Cloud Orchestrator (CVE-2017-1159) ∗∗∗

http://www.ibm.com/support/docview.wss?uid=swg2C1000328

∗∗∗ IBM Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Cloud Orchestrator and Cloud Orchestrator Enterprise (CVE-2016-8919) ∗∗∗
