Tageszusammenfassung - 16.01.2018

End-of-Day report

Timeframe: Montag 15-01-2018 18:00 − Dienstag 16-01-2018 18:00 Handler: Nina Bieringer Co-Handler: Stephan Richter

News

∗∗∗ Skygofree: Kaspersky findet mutmaßlichen Staatstrojaner ∗∗∗ Ein Unternehmen aus Italien soll hinter einer Android-Malware stecken, die seit Jahren verteilt wird. Interessant ist dabei die Vielzahl an Kontrollmöglichkeiten der Angreifer - von HTTP über XMPP und die Firebase-Dienste.

https://www.golem.de/news/skygofree-kaspersky-findet-mutmasslichen-staatstrojaner-1801-132197-rss.html ∗∗∗ WhatsApp und Signal: Forscher beschreiben Schwächen verschlüsselter Gruppenchats ∗∗∗ Zwar ist die Ende-zu-Ende-Verschlüsselung bei WhatsApp und Signal sicher, das Drumherum lässt aber eventuell zu wünschen übrig. So wird ein von Spionen gekaperter Kontrollserver mitunter zur Schwachstelle.

https://heise.de/-3942046

Vulnerabilities

∗∗∗ Security updates for Tuesday ∗∗∗ Security updates have been issued by Debian (ca-certificates, gdk-pixbuf, and graphicsmagick), Fedora (qtpass), openSUSE (python-openpyxl and syncthing), Slackware (kernel), and Ubuntu (gdk-pixbuf).

https://lwn.net/Articles/744503/rss ∗∗∗ BlackBerry powered by Android Security Bulletin – January 2018 ∗∗∗

http://support.blackberry.com/kb/articleDetail?language=en_US&articleNumber=000047401 ∗∗∗ Vuln: Atlassian JIRA CVE-2017-16862 Cross Site Request Forgery Vulnerability ∗∗∗

http://www.securityfocus.com/bid/102506 ∗∗∗ Vuln: Atlassian JIRA CVE-2017-16864 Cross Site Scripting Vulnerabiliy ∗∗∗

http://www.securityfocus.com/bid/102505 ∗∗∗ IBM Fix available for Insecure Direct Object Reference in IBM Cúram Social Program Management (CVE-2018-1362) ∗∗∗

http://www.ibm.com/support/docview.wss?uid=swg22012528 ∗∗∗ IBM Security Bulletin: Rational Developer for System z – Add support for TLS v1.2 with MS-CAPI in HCE ∗∗∗

http://www-01.ibm.com/support/docview.wss?uid=swg22011808 ∗∗∗ IBM Security Bulletin: IBM Developer for z Systems – Add support for TLS v1.2 with MS-CAPI in HCE ∗∗∗

http://www-01.ibm.com/support/docview.wss?uid=swg22011816 ∗∗∗ IBM Security Bulletin: IBM i2 COPLINK BeanShell Vulnerability (CVE-2016-2510) ∗∗∗

http://www-01.ibm.com/support/docview.wss?uid=swg21982952 ∗∗∗ IBM Security Bulletin: Multiple Vulnerabilities in Oracle Outside In Technology affect IBM Rational DOORS Next Generation (CVE-2017-10141, CVE-2017-10196) ∗∗∗

http://www-01.ibm.com/support/docview.wss?uid=swg22012619 ∗∗∗ IBM Security Bulletin: IBM FileNet Content Manager, IBM Content Foundation, and IBM Case Foundation are affected by the ability to execute remote attacker’s arbitrary code on a target machine vulnerability ∗∗∗

http://www.ibm.com/support/docview.wss?uid=swg22010868 ∗∗∗ IBM Security Bulletin: Security vulnerabilities in IBM Java Runtime affect IBM RLKS Administration and Reporting Tool Admin ∗∗∗

http://www-01.ibm.com/support/docview.wss?uid=swg22012476 ∗∗∗ IBM Security Bulletin: Vulnerability in Open Source cURL Libcurl affects IBM PureApplication. (CVE-2017-1000257) ∗∗∗

http://www.ibm.com/support/docview.wss?uid=swg22011203 ∗∗∗ IBM Security Bulletin: IBM Kenexa LCMS Premier on Cloud is affected by Open Source Commons FileUpload Apache Vulnerabilities ∗∗∗

http://www.ibm.com/support/docview.wss?uid=swg22011720 ∗∗∗ IBM Security Bulletin: Vulnerabilities in libxml2 affect Intel® Manycore Platform Software Stack (Intel® MPSS) for Linux and Windows ∗∗∗

https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099753 ∗∗∗ [R1] SecurityCenter 5.6.1 Fixes Multiple Third-party Vulnerabilities ∗∗∗

http://www.tenable.com/security/tns-2017-16