[CERT-daily] Tageszusammenfassung - Freitag 2-11-2012

Fri Nov 2 18:13:31 CET 2012

=======================
= End-of-Shift report =
=======================
Timeframe:   Mittwoch 31-10-2012 18:10 − Freitag 02-11-2012 18:10
Handler:     Robert Waldner
Co-Handler:  Otmar Lendl

*** Joomla 2.5.6 Multiple Cross-site scripting vulnerabilities ***
---------------------------------------------
Topic: Joomla 2.5.6 Multiple Cross-site scripting vulnerabilities Risk: Low Text:Advisory: Joomla 2.5.6 Multiple Cross-site scripting vulnerabilities Advisory ID: SSCHADV2012-014 Author: Stefan Schurtz ...
---------------------------------------------
http://feedproxy.google.com/~r/securityalert_database/~3/kE0J4Z10zwA/WLB-2012110005


*** [webapps] - Wordpress bbpress Plugin Multiple Vulnerabilities ***
---------------------------------------------
Wordpress bbpress Plugin Multiple Vulnerabilities
---------------------------------------------
http://www.exploit-db.com/exploits/22396


*** How to Fight New Gozi Banking Trojan - Crimeware Exploits Basic Authentication Used in U.S. ***
---------------------------------------------
"Fighting the new Trojan aimed at U.S. banks will require multiple measures, says RSA researcher Mor Ahuvia. Gozi Prinimalka is different, and institutions have to be mindful of its characteristics. Ahuvia, a cybercrime communications specialist for RSA FraudAction, says a new Trojan identified by RSA in early October will pose one of the greatest fraud threats U.S. banking institutions have ever seen...."
---------------------------------------------
http://www.bankinfosecurity.com/how-to-fight-new-gozi-banking-trojan-a-5256/p-1


*** Bugtraq: Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified MeetingPlace Web Conferencing ***
---------------------------------------------
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified MeetingPlace Web Conferencing
---------------------------------------------
http://www.securityfocus.com/archive/1/524565


*** New Hacker Weapon Surfaces ***
---------------------------------------------
"A High Orbit Ion Cannon (HOIC) could just broaden the possibilities for attackers of all skill sets. The High Orbit Ion Cannon is a dangerous free-to-download, open-source program that can turn any user of any skill level into a powerful hacker, at least in terms of one form of attack, a distributed denial-of-service (DDoS). It is extremely easy to use...."
---------------------------------------------
http://www.isssource.com/new-hacker-weapon-surfaces/


*** Costs of tools and activities in the Russian cybercriminal underground ***
---------------------------------------------
"A new Trend Micro research paper describes a broad offering of tools and activities that can be bought and sold on underground forum shopping sites. It examines the prices charged for various types of services, while also providing examples of information shared among cybercriminals. In examining two dozen basic and fundamental tools and technologies that cybercriminals create and use to enhance their business, researchers also assess the top-ten ranked malicious activities and
---------------------------------------------
http://www.net-security.org/secworld.php?id=13884


*** One year after DigiNotar breach, Fox-IT details extent of compromise ***
---------------------------------------------
"The 2011 security breach at Dutch certificate authority (CA) DigiNotar resulted in an extensive compromise and was facilitated in part by shortcomings in the companys network segmentation and firewall configuration, according to Fox-IT, the security company contracted by the Dutch government to investigate the incident."The DigiNotar network was divided into 24 different internal network segments," Fox-IT said in its final investigation report, published earlier this week by the
---------------------------------------------
http://www.computerworld.com/s/article/9233138/One_year_after_DigiNotar_breach_Fox_IT_details_extent_of_compromise?taxonomyId=17


*** Joe Weiss 2012 ICS Security Conference Highlights ***
---------------------------------------------
"The twelfth ICS Security has come and gone, and it sounds from the tone of Joes write-up that whatever progress theres been to date in awareness and/or improved capabilities has been frustratingly slow and incremental. After twelve years, I guess we can call that a trend. Nevertheless, the best parts often seem to involve drama related to actual events in the field...."
---------------------------------------------
http://smartgridsecurity.blogspot.nl/2012/11/joe-weiss-2012-ics-security-conference.html


*** Windows 8 exploit combining several 0-days already up for sale ***
---------------------------------------------
"Less that a week after Microsoft released is long awaited Windows 8, with new and improved security features, French bug hunters VUPEN Security have announced that they have created an exploit for the new OS version that takes advantage of several zero-day flaws:In the light of this discovery, the tweet that VUPEN CEO and head researcher Chaouki Bekrar posted upon the OSs release seems almost to mock Microsofts efforts. The company, which has become well known in security circles
---------------------------------------------
http://www.net-security.org/secworld.php?id=13890