Daily Summary - 30.07.2018

End-of-Day report

Timeframe: Friday 27-07-2018 18:00 - Monday 30-07-2018 18:00
Handler: Robert Waldner
Co-Handler: n/a

News

An Introduction to the Xposed Framework for Android Penetration Testing

Introduction: When it comes to the Pen Testing of Android-based applications, the main focus and attention of the Pen Tester is to live in the mindset of the Cyber attacker literally. The Pen Tester must then carry out an attack to see how the software code can be manipulated, what the weak spots of the [...]

https://resources.infosecinstitute.com/an-introduction-to-the-xposed-framework-for-android-penetration-testing/


Top 10 Free Threat-Hunting Tools

Threat hunting is an alternative approach to dealing with cyber-attacks, compared to network security systems that include appliances such as firewalls that monitor traffic as it flows through a system. While these common methods of defense generally investigate threats after they have occurred, the strategy of threat hunting involves searching through networks, detecting and isolating [...]

https://resources.infosecinstitute.com/top-10-free-threat-hunting-tools/


State Govts. Warned of Malware-Laden CD Sent Via Snail Mail from China

Here's a timely reminder that email isn't the only vector for phishing attacks: Several U.S. state and local government agencies have reported receiving strange letters via snail mail that include malware-laden compact discs (CDs) apparently sent from China, KrebsOnSecurity has learned. This particular ruse, while crude and simplistic, preys on the curiosity of recipients who may be enticed into popping the CD into a computer.

https://krebsonsecurity.com/2018/07/state-govts-warned-of-malware-laden-cd-sent-via-snail-mail-from-china/

Vulnerabilities

Security updates for Monday

Security updates have been issued by Arch Linux (libextractor and wesnoth), Debian (ffmpeg, fuse, libidn, mercurial, openssl, policykit-1, tomcat7, tomcat8, wireshark, and wordpress), Fedora (java-1.8.0-openjdk, java-openjdk, libpng10, php, sox, and suricata), Gentoo (curl and znc), openSUSE (bouncycastle, Chromium, cinnamon, e2fsprogs, ImageMagick, kernel, libgcrypt, mercurial, openssh, openssl-1_0_0, openssl-1_1, python, qutebrowser, rubygem-sprockets, shadow, and xen), Slackware (kernel), ...

https://lwn.net/Articles/761324/


IBM Security Bulletin: A security vulnerability has been identified in OpenSSL, which is shipped with IBM Tivoli Network Manager IP Edition (CVE-2016-0702).

http://www.ibm.com/support/docview.wss?uid=ibm10718745


IBM Security Bulletin: Users of Helm with IBM Cloud Private can elevate their privileges (CVE-2018-1714)

https://www-prd-trops.events.ibm.com/node/718339


IBM Security Bulletin: A vulnerability in Apache Solr (lucene) affects IBM InfoSphere Information Server

http://www-01.ibm.com/support/docview.wss?uid=swg22017447


IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Business Developer.

http://www.ibm.com/support/docview.wss?uid=ibm10717895


IBM Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by a vulnerability in GNU C Library (CVE-2017-12133)

http://www.ibm.com/support/docview.wss?uid=ibm10718991


IBM Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by a vulnerability in Freetype 2 (CVE-2016-10328)

http://www.ibm.com/support/docview.wss?uid=ibm10718665


IBM Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by a vulnerability in PHP (CVE-2018-7584)

http://www.ibm.com/support/docview.wss?uid=ibm10718663


IBM Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in dhcp (CVE-2018-5732, CVE-2018-5733)

http://www.ibm.com/support/docview.wss?uid=ibm10718661


IBM Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in GNU C Library

http://www.ibm.com/support/docview.wss?uid=ibm10718659


IBM Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerabilities in freetype2 (CVE-2016-10244 CVE-2017-8105 CVE-2017-8287)

http://www.ibm.com/support/docview.wss?uid=ibm10718993


IBM Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by a vulnerability in IPsec-Tools (CVE-2016-10396)

http://www.ibm.com/support/docview.wss?uid=ibm10718657


IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Platform Symphony and IBM Spectrum Symphony

http://www.ibm.com/support/docview.wss?uid=ibm10718381


IBM Security Bulletin: IBM Cloud Functions is affected by two function runtime vulnerabilities

https://www-01.ibm.com/support/docview.wss?uid=ibm10718977


HPESBHF03867 rev.1 - HPE Systems with Intel-based processors with SPI Flash Engine, Local Denial of Service

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03867en_us