End-of-Day report
Timeframe: Monday 04-06-2018 18:00 - Tuesday 05-06-2018 18:00
Handler: Alexander Riepl
Co-Handler: n/a
News
Over 115,000 Drupal Sites Still Vulnerable to Drupalgeddon2 Exploit
Hundreds of thousands of websites running on the Drupal CMS, including those of major educational institutions and government organizations around the world, have been found vulnerable to a highly critical flaw for which security ..
https://thehackernews.com/2018/06/drupalgeddon2-exploit.html
IoT Botnets Found Using Default Credentials for C&C Server Databases
Not following cybersecurity best practices could not only cost online users but also cost cybercriminals. Yes, sometimes hackers don't take best security measures to keep their infrastructure safe. A variant of IoT botnet, called Owari, that relies on default or weak credentials to hack insecure IoT devices was found itself using default credentials in its MySQL server integrated with command
https://thehackernews.com/2018/06/iot-botnet-password.html
On our own behalf: CERT.at is looking for reinforcements
For our daily routine tasks we are currently looking for 1 career starter or career changer with a keen interest in IT security to support us with the standard tasks that arise each day. Details can be found on our jobs page.
https://cert.at/about/jobs/jobs.html
https://www.cert.at/services/blog/20180605165955-2249.html
Security updates: Several AV applications from F-Secure are full of holes
Critical security vulnerabilities exist in various endpoint protection products from F-Secure for Windows.
http://heise.de/-4068340
Vulnerability Spotlight: TALOS-2018-0535 - Ocularis Recorder VMS_VA Denial of Service Vulnerability
Vulnerabilities discovered by Carlos Pacho from Talos. Overview: Talos is disclosing a denial-of-service vulnerability in the Ocularis Recorder. Ocularis is a video management software (VMS) platform used in a variety of ..
https://blog.talosintelligence.com/2018/06/vulnerability-spotlight-talos-2018-0535.html
Hacking, tracking, stealing and sinking ships
At Infosecurity Europe this year, we demonstrated multiple methods to interrupt the shipping industry, several of which haven't been demonstrated in public before, to our knowledge. Some of these issues were simply through ..
https://www.pentestpartners.com/security-blog/hacking-tracking-stealing-and-sinking-ships/
Vulnerabilities
Cisco Aironet 1800, 2800, and 3800 Series Access Point Platforms ARP Request Handling Denial of Service Vulnerability
A vulnerability exists in Cisco Access Point (AP) platforms when processing Address Resolution Protocol (ARP) packets that could allow an unauthenticated, adjacent attacker to inject crafted entries into the ARP ..
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160608-aironet
FortiSwitch rest_admin account exposed under specific conditions
During an upgrade to version 3.4.1, a FortiSwitch device may let an attacker log in to the rest_admin account without a password, if all the conditions below are met: * The FortiSwitch device ..
http://fortiguard.com/advisory/FG-IR-16-011