End-of-Day report
Timeframe: Freitag 03-08-2018 18:00 - Montag 06-08-2018 18:00
Handler: Robert Waldner
Co-Handler: n/a
News
New Method Simplifies Cracking WPA/WPA2 Passwords on 802.11 Networks
It should be noted that this method does not make it easier to crack the password for a wireless network. It instead makes the process of acquiring a hash that can can be attacked to get the wireless password much easier.
https://www.bleepingcomputer.com/news/security/new-method-simplifies-cracking-wpa-wpa2-passwords-on-80211-networks/
DDoS-Angriffe: Die Bedrohung stabilisiert sich
Durch den Schlag gegen Webstresser.org haben DDoS-Angriffe im deutschsprachigen Raum klar nachgelassen. Grund zur Entwarnung ist das aber nicht.
http://heise.de/-4128961
Abmahnung der Anwalt AG wegen Urheberrechtsverletzung
Die ANWALT AG, vertreten durch Dr. Rene De La Porte, versendet eine Abmahnung wegen Urheberrechtsverletzung. Empfänger/innen sollen 426,55 Euro wegen eines Rechtsverstoßes auf kinox.to bezahlen. Das Schreiben ist betrügerisch. Konsument/innen müssen den Geldbetrag nicht bezahlen.
https://www.watchlist-internet.at/news/abmahnung-der-anwalt-ag-wegen-urheberrechtsverletzung/
Vulnerabilities
Enigmail 2.0.8 released
A security issue has been fixed that allows an attacker to prepare a plain, unauthenticated HTML message in a way that it looks like its signed and/or encrypted.
https://www.enigmail.net/index.php/en/download/changelog
EMC Data Protection Advisor XML External Entity Processing Flaw Lets Remote Authenticated Users Obtain Potentially Sensitive Information
A remote authenticated user can supply specially crafted XML External Entity (XXE) data to the target REST API to read files on the target system with the privileges of the target service or cause denial of service conditions on the target system.
http://www.securitytracker.com/id/1041417
CA API Developer Portal Input Validation Flaw Lets Remote Users Conduct Cross-Site Scripting Attacks
The developer portal does not properly filter HTML code from user-supplied input before displaying the input. A remote user can cause arbitrary scripting code to be executed by the target user's browser.
http://www.securitytracker.com/id/1041416
Security updates for Monday
Security updates have been issued by Arch Linux (cgit, python-django, and python2-django), Debian (ant, cgit, libmspack, python-django, symfony, vim-syntastic, and xml-security-c), Fedora (kernel-headers, libao, libvorbis, mingw-gdal, mingw-xerces-c, and python-XStatic-jquery-ui), openSUSE (bouncycastle, java-10-openjdk, libgcrypt, libsndfile, mutt, nautilus, ovmf, python-dulwich, rpm, util-linux, wireshark, and xen), Oracle (kernel), Red Hat (kernel, openslp, rhvm-setup-plugins, and xmlrpc),
https://lwn.net/Articles/761923/
IBM Security Bulletin: Vulnerability in IBM Rhapsody Model Manager with potential for Cross-Site Scripting attack
http://www.ibm.com/support/docview.wss?uid=ibm10718345