[CERT-daily] Tageszusammenfassung - Mittwoch 10-10-2012

Wed Oct 10 18:12:41 CEST 2012

=======================
= End-of-Shift report =
=======================
Timeframe:   Dienstag 09-10-2012 18:00 − Mittwoch 10-10-2012 18:00
Handler:     Matthias Fraidl
Co-Handler:  Stephan Richter

*** Proxy service users download malware, unknowingly join botnet ***
---------------------------------------------
"In yet another example of if-its-too-good-to-be-true-it-probably-isnt, hundreds of thousands of users signing up for a cheap and supposedly legitimate proxy service have ended up downloading malware and being ensnared into a botnet. "The malware is Backdoor. Proxybox, and our investigation has revealed an entire black hat operation, giving us interesting information on the operation and size of this botnet, and leading us to information that may identify the actual malware
---------------------------------------------
http://www.net-security.org/malware_news.php?id=2290


*** Kernel crimps make Windows 8 a hacker hassle ***
---------------------------------------------
The kernel is the new battleground, says ReactOS and iOS co-author Alex Ionescu Windows 8 will make hackers lives hard, says Windows internals expert, security researcher and co-author of Apples iOS and the open source Windows XP clone ReactOS, Alex Ionescu.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2012/10/09/windws_8_hacker_hassle/


*** Microsoft to devs: Bug users about security ... now! ***
---------------------------------------------
Redmond reveals how and when it decides to remind you about security Microsoft has revealed the guidelines it gives its own developers to help them decide when users need a rude reminder to stop putting themselves at risk of security problems.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2012/10/10/microsoft_neat_and_spruce_security_guidelines/


*** RSA simple password-protection to stop hackers ***
---------------------------------------------
"RSA, the security division of EMC, today announced a security product intended to protect simple passwords stored within businesses for authentication purposes, by splitting these passwords in two pieces kept separately, in theory making it harder for hackers to get hold of them. Yahoos massive data breach contains Gmail, Hotmail, Comcast user names and passwordsThis year has seen a large number of password hacking exploits, including those against Yahoo, dating site eHarmony, and
---------------------------------------------
http://www.itworld.com/security/301646/rsa-simple-password-protection-stop-hackers


*** Mysterious Algorithm Was 4% of Trading Activity Last Week ***
---------------------------------------------
A single mysterious computer program that placed orders - and then subsequently canceled them - made up 4 percent of all quote traffic in the U.S. stock market last week, according to the top tracker of high-frequency trading activity. The motive of the algorithm is still unclear. The program placed orders in 25-millisecond bursts involving about 500 stocks, according to Nanex, a market data firm.
---------------------------------------------
http://rss.slashdot.org/~r/Slashdot/slashdot/~3/gouGx0l7Y5E/mysterious-algorithm-was-4-of-trading-activity-last-week


*** Oktober ist Office-Patch-Monat ***
---------------------------------------------
Microsoft schließt an seinem aktuellen Patchday sieben Sicherheitslücken, eine davon mit der Risikobewertung "kritisch", die restlichen mit der Bewertung "hoch". Vier der veröffentlichten Sicherheitsnotzien betreffen Microsoft Office, die kritische Lücke findet sich in allen Versionen von Word. Hier sind besonders Nutzer mit Administrationsrechten dem Risiko ausgesetzt, ihr System beim Aufrufen einer Website mit Schadcode zu infizieren.
---------------------------------------------
http://www.heise.de/security/meldung/Oktober-ist-Office-Patch-Monat-1726703.html/from/atom10


*** Google disappears for Irish internet users - but was it a nameserver hack or admin screwup? ***
---------------------------------------------
Thousands of Irish internet users found that they were unable to access Google earlier today when the nameservers for google.ie began to point to a third-party server based in Indonesia.
---------------------------------------------
http://nakedsecurity.sophos.com/2012/10/09/google-disappears-for-irish-internet-users-but-was-it-a-nameserver-hack-or-admin-screwup/


*** Data-stealing hackers use DDoS to distract from attacks ***
---------------------------------------------
Cybercriminals are distracting banks and other businesses with a DDoS
attack while they quietly lay siege to sensitive data on the network,
which they can use for credit card cloning and other fraud.
---------------------------------------------
http://www.zdnet.com/symantec-data-stealing-hackers-use-ddos-to-distract-from-attacks-7000005481/


*** Vuln: Microsoft Windows Kerberos CVE-2012-2551 Denial of Service Vulnerability ***
---------------------------------------------
Microsoft Windows Kerberos CVE-2012-2551 Denial of Service Vulnerability
---------------------------------------------
http://www.securityfocus.com/bid/55778


*** Vuln: Perl HTML::Template::Pro Module Cross Site Scripting Vulnerability ***
---------------------------------------------
Perl HTML::Template::Pro Module Cross Site Scripting Vulnerability
---------------------------------------------
http://www.securityfocus.com/bid/51117