End-of-Day report
Timeframe: Thursday 08-03-2018 18:00 − Friday 09-03-2018 18:00
Handler: Nina Bieringer
Co-Handler: Alexander Riepl
News
∗∗∗ LLVM 6.0: Clang gets mitigation against Spectre attack ∗∗∗
The new version of the LLVM compilers such as Clang brings, with retpolines, an important mitigation against attacks via Spectre. Future Windows versions of Google Chrome will also benefit from this. There are also optimizations in source code diagnostics.
https://www.golem.de/news/llvm-6-0-clang-bekommt-massnahme-gegen-spectre-angriff-1803-133241.html
∗∗∗ Avast: CCleaner infection contained keylogger functionality ∗∗∗
The malware distributed with CCleaner last year was apparently also meant to spy on companies via a keylogger. Avast found the Shadowpad malware in its own network, but assumes that it was not installed on customers' systems.
https://www.golem.de/news/avast-ccleaner-infektion-enthielt-keylogger-funktion-1803-133255.html
∗∗∗ Look-Alike Domains and Visual Confusion ∗∗∗
How good are you at telling the difference between domain names you know and trust and imposter or look-alike domains? The answer may depend on how familiar you are with the nuances of internationalized domain names (IDNs), as well ..
https://krebsonsecurity.com/2018/03/look-alike-domains-and-visual-confusion/
∗∗∗ Researchers Demonstrate Ransomware Attack on Robots ∗∗∗
IOActive security researchers today revealed a ransomware attack on robots, demonstrating not only that such assaults are possible, but also their potential financial impact.
https://www.securityweek.com/researchers-demonstrate-ransomware-attack-robots
Vulnerabilities
∗∗∗ Siemens SIPROTEC 4, SIPROTEC Compact, DIGSI 4, and EN100 Ethernet Module ∗∗∗
This advisory includes mitigations for missing authentication for critical function, and inadequate encryption strength vulnerabilities in Siemens SIPROTEC 4, SIPROTEC Compact, DIGSI 4, and EN100 Ethernet module.
https://ics-cert.us-cert.gov/advisories/ICSA-18-067-01
∗∗∗ Siemens SIPROTEC 4, SIPROTEC Compact, and Reyrolle Devices using the EN100 Ethernet Communication Module Extension ∗∗∗
This advisory includes mitigation details for a missing authentication for critical function vulnerability in the Siemens SIPROTEC 4, SIPROTEC Compact, and Reyrolle devices using the EN100 Ethernet communication module extension.
https://ics-cert.us-cert.gov/advisories/ICSA-18-067-02
∗∗∗ Security Advisory - Information Disclosure Vulnerability on Honor Smart Scale Application ∗∗∗
http://www.huawei.com/en/psirt/security-advisories/2018/huawei-sa-20180309-01-ah-en
∗∗∗ Security Advisory - Buffer Overflow Vulnerability in eNSP Software ∗∗∗
http://www.huawei.com/en/psirt/security-advisories/2018/huawei-sa-20180309-01-ensp-en
∗∗∗ IBM Security Bulletin: IBM Notes Privilege Escalation in IBM Notes System Diagnostics service (CVE-2018-1437) ∗∗∗
http://www.ibm.com/support/docview.wss?uid=swg22014201
∗∗∗ IBM Security Bulletin: IBM Notes Remote Code Execution Vulnerability (CVE-2018-1435) ∗∗∗
http://www.ibm.com/support/docview.wss?uid=swg22014198