End-of-Day report
Timeframe: Donnerstag 09-08-2018 18:00 - Freitag 10-08-2018 18:00
Handler: Robert Waldner
Co-Handler: Stephan Richter
News
Neue Macs können beim ersten Kontakt mit WLAN gehackt werden
Betroffen sind Firmenkunden von Apple. Die Schwachstelle wurde auf der Black Hat Konferenz präsentiert.
https://futurezone.at/digital-life/neue-macs-koennen-beim-ersten-kontakt-mit-wlan-gehackt-werden/400086368
The 10 Best Practices for Identifying and Mitigating Phishing
Phishing (a form of social engineering) is escalating in both frequency and sophistication; consequently, it is even more challenging to defend against cyber-related attacks. These days, any industry, any workplace, any work role can be targeted by a phishing scam that is spreading beyond simple malicious email attachments and link manipulation techniques (i.e., phishers may [...]
https://resources.infosecinstitute.com/the-10-best-practices-for-identifying-and-mitigating-phishing/
Practical Web Cache Poisoning
Web cache poisoning has long been an elusive vulnerability, a theoretical threat used mostly to scare developers into obediently patching issues that nobody could actually exploit. In this paper Ill show you how to compromise websites by using esoteric web features to turn their caches into exploit delivery systems, targeting everyone that makes the mistake of visiting their homepage.
https://portswigger.net/blog/practical-web-cache-poisoning
VIA C3: "God Mode"-Sicherheitslücke in Prozessoren entdeckt
Ein IT-Experte hat einen schwerwiegenden Bug in alten CPUs von VIA Technologies aufgespürt und auch gleich eine Gegenmaßnahme programmiert.
http://heise.de/-4133425
Vulnerabilities in mPOS devices could lead to fraud and theft
Vulnerabilities in mPOS (mobile point-of-sale) machines could allow malicious merchants to defraud customers and attackers to steal payment card data, Positive Technologies researchers have found. The use of mPOS devices has seen huge growth over the last few years as the barriers to entry to be provided a device and start accepting card payments are effectively zero.
https://www.helpnetsecurity.com/2018/08/10/mpos-vulnerabilities/
Nicht bei shop-and-smile.com einkaufen
Auf shop-and-smile.com finden Konsument/innen Elektroartikel. Die angebotenen Produkte sind gebraucht und nicht neu. Das ist im Rahmen eines Einkaufs nicht offensichtlich. Eine Bezahlung der Ware ist entgegen anderer Aussagen nur im Voraus möglich. Die Watchlist Internet rät von einem Einkauf bei shop-and-smile.com ab.
https://www.watchlist-internet.at/news/nicht-bei-shop-and-smilecom-einkaufen/
Vulnerabilities
Crestron TSW-X60 and MC3
This advisory includes mitigation recommendations for OS command injection, improper access control, and insufficiently protected credentials vulnerabilities in Crestrons TSW-X60 and MC3 devices.
https://ics-cert.us-cert.gov/advisories/ICSA-18-221-01
NetComm Wireless 4G LTE Light Industrial M2M Router
This advisory includes mitigation recommendations for information exposure, cross-site forgery, cross-site scripting, and information exposure through directory listing vulnerabilities in NetComm Wireless 4G LTE Light Industrial M2M Router.
https://ics-cert.us-cert.gov/advisories/ICSA-18-221-02
PostgreSQL 10.5, 9.6.10, 9.5.14, 9.4.19, 9.3.24, and 11 Beta 3 Released!
Two security vulnerabilities have been closed by this release: CVE-2018-10915: Certain host connection parameters defeat client-side security defenses CVE-2018-10925: Memory disclosure and missing authorization in INSERT ... ON CONFLICT DO UPDATE
https://www.postgresql.org/about/news/1878/
Security updates for Friday
Security updates have been issued by Fedora (exiv2, kernel-headers, kernel-tools, libgit2, and thunderbird-enigmail), openSUSE (blueman, cups, gdk-pixbuf, libcdio, libraw, libsoup, libtirpc, mysql-community-server, python-mitmproxy, sssd, and virtualbox), Red Hat (cobbler), SUSE (ceph, firefox, NetworkManager-vpnc, openssh, and wireshark), and Ubuntu (openjdk-7 and openjdk-8).
https://lwn.net/Articles/762337/
wpa_supplicant: Eine Schwachstelle ermöglicht einen Denial-of-Service-Angriff
https://adv-archiv.dfn-cert.de/adv/2018-1564/
Red Hat Certification: Mehrere Schwachstellen ermöglichen u. a. die Ausführung beliebigen Programmcodes
https://adv-archiv.dfn-cert.de/adv/2018-1571/
IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect ITCAM for SOA
http://www.ibm.com/support/docview.wss?uid=ibm10720235
IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Rational ClearQuest
https://www-01.ibm.com/support/docview.wss?uid=ibm10718367
IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Rational ClearCase (CVE-2018-2633, CVE-2018-2603, CVE-2018-2579, CVE-2018-2602, CVE-2018-2794, & CVE-2018-2783)
https://www-01.ibm.com/support/docview.wss?uid=ibm10717207
IBM Security Bulletin: A security vulnerability in OpenSSL affects IBM Rational ClearQuest (CVE-2018-0739)
https://www-01.ibm.com/support/docview.wss?uid=ibm10718373
IBM Security Bulletin: Vulnerabilities in OpenSSL affect IBM Rational ClearCase (CVE-2018-0739)
https://www-01.ibm.com/support/docview.wss?uid=ibm10717211
IBM Security Bulletin: Security Bulletin: IBM Data Server Driver for JDBC and SQLJ is affected by a 3RD PARTY Unsafe deserialization
http://www.ibm.com/support/docview.wss?uid=swg22012479
IBM Security Bulletin: A security vulnerability in IBM Rational ClearQuest with SSL/TLS communications (CVE-2016-2922)
https://www-01.ibm.com/support/docview.wss?uid=ibm10718377