End-of-Day report
Timeframe: Monday 14-05-2018 18:00 - Tuesday 15-05-2018 18:00
Handler: Stephan Richter
Co-Handler: n/a
News
Containers are here. What about container security?
The industry is gaga for container technologies like Docker and for good reason. According to ESG research, containers make up about 19 percent of hybrid cloud production workloads today, but in just two years' time, containers will make up one-third of hybrid cloud production workloads. (Note: I am an ESG employee.) Container security issues: Not surprisingly, cybersecurity professionals say rapid growth and proliferation of application containers have led to several security issues: 35 [...]
https://www.csoonline.com/article/3273347/security/containers-are-here-what-about-container-security.html
IDG Contributor Network: Fact vs. fiction: 6 myths about container security
DevOps, containers and microservices are eating software development just as software is eating the world. But with the explosive growth of these technologies and methodologies, it's becoming increasingly difficult to separate fact from fiction. This is particularly the case when talking container security. In this article, we take a look specifically at the myths surrounding container security [...]
https://www.csoonline.com/article/3272830/containers/fact-vs-fiction-6-myths-about-container-security.html
Code injection: vulnerability in Signal's desktop client
A code injection vulnerability in Signal's desktop client makes it possible to execute JavaScript remotely. An update for the Electron app is available. (Signal, security vulnerability)
https://www.golem.de/news/code-injection-sicherheitsluecke-in-signals-desktop-client-1805-134397.html
Warning about CryptoCode
Consumers receive an e-mail from Bitcoin Austria. The message is an advertisement for CryptoCode. A link in the message leads to cryptocode.online. On the platform, visitors are asked to deposit money so that they can earn "$15.000" every day. The deposited money is lost, because no profits are ever paid out.
https://www.watchlist-internet.at/news/warnung-vor-cryptocode/
NIS Update
Austria was supposed to have transposed the NIS Directive by 9 May. We missed that. We still have no NIS law, and unfortunately no draft under review either. But: one part of the NIS subject matter (digital service providers) falls under full harmonisation and therefore takes effect directly from Brussels. The corresponding regulation was published in January and has been in force since 10 May. If you want to know, [...]
http://www.cert.at/services/blog/20180515161108-2242.html
Vulnerabilities
SSA-914382 (Last Update: 2018-05-15): Denial-of-Service Vulnerability in SIMATIC S7-400
SIMATIC S7-400 CPUs are affected by a security vulnerability which could lead to a Denial-of-Service condition of the PLC if specially crafted packets are received and processed. The affected SIMATIC S7-400 CPU hardware versions are in the product cancellation phase or already phased-out. Siemens recommends customers either upgrading to a new version or implementing specific countermeasures.
https://cert-portal.siemens.com/productcert/pdf/ssa-914382.pdf
VMSA-2018-0011
Unauthenticated Command Injection vulnerability in VMware NSX SD-WAN by VeloCloud
https://www.vmware.com/security/advisories/VMSA-2018-0011.html
Security updates for Tuesday
Security updates have been issued by Arch Linux (firefox, llpp, and webkit2gtk), Debian (kwallet-pam), Fedora (kernel and pam-kwallet), Gentoo (mpv), Oracle (389-ds-base, firefox, libvirt, and qemu-kvm), and Ubuntu (php5 and php5, php7.0, php7.1, php7.2).
https://lwn.net/Articles/754495/
BlackBerry powered by Android Security Bulletin - May 2018
http://support.blackberry.com/kb/articleDetail?language=en_US&articleNumber=000048838
Red Hat JBoss Enterprise Application Platform: Multiple vulnerabilities allow, among other things, the execution of arbitrary program code
https://adv-archiv.dfn-cert.de/adv/2018-0922/
IBM Security Bulletin: API Connect Developer Portal is affected by a Drupal vulnerability (CVE-2018-7602)
http://www-01.ibm.com/support/docview.wss?uid=swg22015829
IBM Security Bulletin: A vulnerability has been identified in IBM Spectrum Scale with CES stack enabled that could allow sensitive data to be included with service snaps. This data could be sent to IBM during service engagements (CVE-2018-1512)
http://www.ibm.com/support/docview.wss?uid=ssg1S1012325
IBM Security Bulletin: A vulnerability affects the IBM FlashSystem model V840
http://www.ibm.com/support/docview.wss?uid=ssg1S1012281
IBM Security Bulletin: A vulnerability affects the IBM FlashSystem models 840 and 900
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1012280
IBM Security Bulletin: Multiple vulnerabilities affect the IBM FlashSystem model V840
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1012283
IBM Security Bulletin: Multiple vulnerabilities affect the IBM FlashSystem models 840 and 900
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1012282
IBM Security Bulletin: Multiple vulnerabilities in IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1012263
IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects IBM InfoSphere Information Server
http://www-01.ibm.com/support/docview.wss?uid=swg22015254
IBM Security Bulletin: IBM Data Risk Manager has released VM v2.0.1 in response to the vulnerability known as Spectre.
http://www.ibm.com/support/docview.wss?uid=swg22013157
IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Rational Application Developer for WebSphere Software
http://www-01.ibm.com/support/docview.wss?uid=swg22016207
Linux kernel vulnerability CVE-2018-8897
https://support.f5.com/csp/article/K17403481