[CERT-daily] Tageszusammenfassung - Freitag 23-11-2012

Fri Nov 23 18:10:16 CET 2012

=======================
= End-of-Shift report =
=======================
Timeframe:   Donnerstag 22-11-2012 18:00 − Freitag 23-11-2012 18:00
Handler:     Stephan Richter
Co-Handler:  Christian Wojner


*** PASSTEAL Malware Lurking on File Sharing Sites ***
---------------------------------------------
"Variants of the PASSTEAL malware are propagating by masquerading as key generators for paid applications, popular e-books, and other software on file sharing services, according Alvin John Nieto, a threat response engineer at TrendMicros TrendLabs. PASSTEAL, as its name suggests, is a piece of malware that uses various password recovery tools to steal passwords stored in the browsers of its victims. Nieto claims PASSTEAL is novel in its deviation from keyloggers that simply log...
---------------------------------------------
http://threatpost.com/en_us/blogs/passteal-malware-lurking-file-sharing-sites-112112


*** Infographic of the week: Why ignoring information security is lethal ***
---------------------------------------------
"Infographic of the week: Why ignoring information security is lethal...."
---------------------------------------------
http://www.londonlovesbusiness.com/3978.article


*** New report by EU Agency ENISA on digital trap honeypots to detect cyber-attacks creates a buzz ***
---------------------------------------------
"The EU cyber security Agency ENISA is launching an in-depth study on 30 different digital traps or honeypots that can be used by Computer Emergency Response Teams (CERT)s and National/Government CERTs to proactively detect cyber-attacks. The study reveals barriers to understanding basic honeypot concepts and presents recommendations on which honeypot to use. An increasing number of complex cyber-attacks demand better early warning detection capabilities for CERTs...."
---------------------------------------------
http://www.cisionwire.com/enisa---european-network-and-information-security-agency/r/cyber-security-according-to-winnie-the-pooh--new-report-by-eu-agency-enisa-on--digital-trap--honeypo,c9338118


*** Netherlands - One in Five pay Police Virus ransom - Free tool to fix available ***
---------------------------------------------
"Comment Bricade: one of the Bricade Research Analysts, Arjen de Landgraaf, is also on this Dutch Zembla television program, where he is commenting on the new Gozi Prinimalka banking trojan, amongst others. Translated Article:According to the Dutch Team High Tech Crime (THTC) of the KLPD, one in five victims of the police ransomware scam is actually paying the 100 Euros ransom. Team Leader Pim Takkenberg says (Zembla, tonight on Dutch television, 21...."
---------------------------------------------
http://copsincyberspace.wordpress.com/2012/11/23/een-op-vijf-slachtoffers-betaalt-losgeld-politievirus/


*** Wurm manipuliert Datenbanken im Iran ***
---------------------------------------------
Das Sicherheitsunternehmen Symantec hat einen spezialisierten Wurm namens W32.Narilam entdeckt, der SQL-Datenbanken kompromittieren kann. Wie Symantec schreibt, "spricht" die Schadsoftware Persisch und Arabisch und scheint sich vor allem gegen Unternehmen im Iran zu richten.
---------------------------------------------
http://www.heise.de/security/meldung/Wurm-manipuliert-Datenbanken-im-Iran-1753143.html/from/atom10


*** Bugtraq: FreeBSD Security Advisory FreeBSD-SA-12:07.hostapd ***
---------------------------------------------
FreeBSD Security Advisory FreeBSD-SA-12:07.hostapd
---------------------------------------------
http://www.securityfocus.com/archive/1/524811

*** Bugtraq: FreeBSD Security Advisory FreeBSD-SA-12:06.bind ***
---------------------------------------------
FreeBSD Security Advisory FreeBSD-SA-12:06.bind
---------------------------------------------
http://www.securityfocus.com/archive/1/524810

*** Bugtraq: FreeBSD Security Advisory FreeBSD-SA-12:08.linux ***
---------------------------------------------
FreeBSD Security Advisory FreeBSD-SA-12:08.linux
---------------------------------------------
http://www.securityfocus.com/archive/1/524813