End-of-Day report
Timeframe: Thursday 13-09-2018 18:00 - Friday 14-09-2018 18:00
Handler: Alexander Riepl
Co-Handler: n/a
News
Interesting approach: Skill Squatting with Amazon Echo
Mishearing something every once in a while is a normal thing for humans. In that respect, Amazon Echo has some human characteristics as well. A research team from the University of Illinois has taken a closer look at Echo, Alexa and the abuse potential for malicious Alexa skills. They have presented their findings at the Usenix conference.
https://www.gdatasoftware.com/blog/2018/09/31112-skill-squatting-amazon-echo
Windows, Linux Kodi Users Infected With Cryptomining Malware
An anonymous reader quotes a report from ZDNet: Users of Kodi, a popular media player and platform designed for TVs and online streaming, have been the targets of a malware campaign, ZDNet has learned from cyber-security firm ..
https://it.slashdot.org/story/18/09/13/2118233/windows-linux-kodi-users-infected-with-cryptomining-malware
Apple Has Started Paying Hackers for iPhone Exploits
Lorenzo Franceschi-Bicchierai, reporting for Motherboard: In 2016, Apple's head of security surprised the attendees of one of the biggest security conferences in the world by announcing a bug bounty program for Apple's mobile operating ..
https://it.slashdot.org/story/18/09/14/1441201/apple-has-started-paying-hackers-for-iphone-exploits
Unsuccessfully Defaced Websites
Defaced websites are a type of hack that is easy to notice and a pain for website owners. Recently, we came across some defacement pages with a peculiar JavaScript injection included in the source code. What is a ..
https://blog.sucuri.net/2018/09/unsuccessfully-defaced-websites.html
DarkCloud Bootkit
In an earlier blog about crypto-malware, we described different techniques used by cybercriminals, such as cryptomining and wallet stealing. In this blog, we will provide a technical analysis of yet another type of ..
https://www.zscaler.com/blogs/research/darkcloud-bootkit
Bug in Intel's ME firmware: BIOS updates needed again
The Russian experts at PTE have once again discovered a serious bug involving cryptographic keys in Intel's Management Engine (ME).
https://heise.de/-4165732
GlobeImposter use new ways to spread to the globe: How to prevent falling victims?
Recently, there have been many incidents of ransomware attacks. Once users are ..
https://blog.360totalsecurity.com/en/globeimposter-use-new-ways-to-spread-to-the-globe-how-to-prevent-falling-victims/
Hacking an assault tank- A Nerf one
TL;DR A complex, challenging reverse and hijack of a toy tank Nerf gun camera, but the result was we got to shoot the 44Con conference organiser with it! Why A remote-controlled Nerf gun with ..
https://www.pentestpartners.com/security-blog/hacking-an-assault-tank-a-nerf-one/
Vulnerabilities
Honeywell Mobile Computers with Android Operating Systems
This advisory includes mitigations for an improper privilege management vulnerability in the Honeywell mobile computers running the Android Operating System.
https://ics-cert.us-cert.gov/advisories/ICSA-18-256-01
CVE-2018-16962: Webroot SecureAnywhere macOS Kernel Level Memory Corruption
https://trustwave.com/Resources/SpiderLabs-Blog/CVE-2018-16962--Webroot-SecureAnywhere-macOS-Kernel-Level-Memory-Corruption/
HPESBHF03866 rev.1 - HPE Integrated Lights-Out 3,4,5 using SSH, Remote Execution of Arbitrary Code and Disclosure of Sensitive Information
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03866en_us