Daily Summary - 24.10.2018

End-of-Day report

Timeframe: Tuesday 23-10-2018 18:00 - Wednesday 24-10-2018 18:00 Handler: Dimitri Robl Co-Handler: Stephan Richter

News

The Key New Security Features & Capabilities to Know in Windows 10

Last year's WannaCry and Petya malware outbreaks couldn't breach Windows 10's latest security defenses, but companies still running outdated [...]

https://www.beyondtrust.com/blog/key-new-security-features-in-windows-10/


Hacker Discloses New Windows Zero-Day Exploit On Twitter

A security researcher with the Twitter alias SandboxEscaper, who two months ago publicly dropped a zero-day exploit for Microsoft Windows Task Scheduler, yesterday released another proof-of-concept exploit for a new Windows zero-day vulnerability.

https://thehackernews.com/2018/10/windows-zero-day-exploit.html


Security updates: Arcserve backup software can leak data

Attackers could gain unauthorized access to data on host systems running the backup solution Arcserve Unified Data Protection.

http://heise.de/-4202167


Purchase fraud with fake Smile Bank messages

Private sellers receive messages from criminals. They claim to be abroad and want to buy the goods on offer. They supposedly transfer an excessive amount of money to their contractual partners. Fake Smile Bank messages are meant to prove this. Finally, the sellers are asked to send the difference and the goods abroad. As a result, they lose their personal data, their money and their products to fraudsters.

https://www.watchlist-internet.at/news/einkaufsbetrug-mit-gefaelschten-smile-bank-nachrichten/


Nike brand counterfeiters on coldenemy.com

The latest Nike shoes at 70 percent off? That is what coldenemy.com offers. Anyone who orders here receives inferior goods that have nothing to do with the purchased product. In addition, credit card and personal data end up in the hands of criminals.

https://www.watchlist-internet.at/news/nike-markenfaelscher-auf-coldenemycom/

Vulnerabilities

Advantech WebAccess

This advisory includes mitigations for stack-based buffer overflow, external control of file name or path, improper privilege management, and path traversal vulnerabilities in Advantech's WebAccess.

https://ics-cert.us-cert.gov/advisories/ICSA-18-296-01


GAIN Electronic Co. Ltd SAGA1-L Series

This advisory includes mitigations for authentication bypass by capture-replay, improper access control, and improper authentication vulnerabilities in GAIN Electronic's SAGA1-L series transmitters.

https://ics-cert.us-cert.gov/advisories/ICSA-18-296-02


Telecrane F25 Series

This advisory includes mitigations for an authentication bypass by capture-replay vulnerability in the Telecrane F25 Series software.

https://ics-cert.us-cert.gov/advisories/ICSA-18-296-03


BitDefender Digital Signature Bypass Lets Remote Users Execute Arbitrary Code

A remote user can cause arbitrary code that is located elsewhere to be executed on the target user's system due to a bypass of the digital signature GravityZone verification tools. Additional information is available at: https://labs.nettitude.com/blog/cve-2018-8955-bitdefender-gravityzone-arbitrary-code-execution/

https://www.securitytracker.com/id/1041940


Security updates for Wednesday

Security updates have been issued by Fedora (hesiod, lighttpd, and opencc), openSUSE (apache-pdfbox, net-snmp, pam_pkcs11, rpm, tiff, udisks2, and wireshark), SUSE (dhcp, ghostscript-library, ImageMagick, libraw, net-snmp, ntp, postgresql96, rust, tiff, xen, and zziplib), and Ubuntu (mysql-5.5, mysql-5.7).

https://lwn.net/Articles/769415/


IBM Security Bulletins

https://www.ibm.com/blogs/psirt/


October 23, 2018 TNS-2018-13 [R1] LCE 5.1.1 Fixes Multiple Third-party Vulnerabilities

http://www.tenable.com/security/tns-2018-13


October 23, 2018 TNS-2018-14 [R1] Nessus 8.0.0 Fixes Multiple Third-party Vulnerabilities

http://www.tenable.com/security/tns-2018-14


Security vulnerabilities fixed in Firefox ESR 60.3

https://www.mozilla.org/en-US/security/advisories/mfsa2018-27/


Security vulnerabilities fixed in Firefox 63

https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/