[CERT-daily] Tageszusammenfassung - Mittwoch 12-09-2012

Mon Sep 17 15:25:42 CEST 2012

=======================
= End-of-Shift report =
=======================
Timeframe:   Dienstag 11-09-2012 18:05 - Mittwoch 12-09-2012 18:00
Handler:     Stephan Richter
Co-Handler:  Christian Wojner


*** Bugtraq: ESA-2012-029: RSA BSAFE(r) SSL-C Multiple Vulnerabilities ***
---------------------------------------------
ESA-2012-029: RSA BSAFE(r) SSL-C Multiple Vulnerabilities
---------------------------------------------
http://www.securityfocus.com/archive/1/524142


*** Bugtraq: Multiple vulnerabilities in Ezylog photovoltaic management
server ***
---------------------------------------------
Multiple vulnerabilities in Ezylog photovoltaic management server
---------------------------------------------
http://www.securityfocus.com/archive/1/524140


*** Vuln: libguac Remote Buffer Overflow Vulnerability ***
---------------------------------------------
libguac Remote Buffer Overflow Vulnerability
---------------------------------------------
http://www.securityfocus.com/bid/55497


*** The geography of cybercrime: Western Europe and North America ***
---------------------------------------------
"The Internet knows no borders, but according to our data, cybercrime has
specific geographical features. In different parts of the world
cybercriminals launch different malicious programs, their attacks have
different priorities and they use different tricks to make money. This is
not just due to their physical location, but also due to the nature of the
countries where their potential victims are located...."
---------------------------------------------
http://www.securelist.com/en/analysis/204792244/The_geography_of_cybercrime_Western_Europe_and_North_America


*** Cosmo, the Hacker God Who Fell to Earth ***
---------------------------------------------
"Cosmo is huge 6 foot 7 and 220 pounds the last time he was weighed, at a
detention facility in Long Beach, California on June 26. And yet hes
getting bigger, because Cosmo also known as Cosmo the God, the
social-engineering mastermind who weaseled his way past security systems at
Amazon, Apple, AT&T, PayPal, AOL, Netflix, Network Solutions, and Microsoft
is just 15 years old. He turns 16 next March, and he may very well do so
inside a prison cell...."
---------------------------------------------
http://www.wired.com/gadgetlab/2012/09/cosmo-the-god-who-fell-to-earth/


*** Inside your users brains: Where they get security advice ***
---------------------------------------------
"IT professionals work hard to become experts in their field. They also
work hard protecting the infrastructure and users they're responsible for.
Unfortunately, not everyone has access to an IT expert...."
---------------------------------------------
http://www.techrepublic.com/blog/security/inside-your-users-brains-where-they-get-security-advice/8361?tag=nl.e098&s_cid=e098


*** Microsoft will Flash-LÃ¼cke im IE10 nun doch schlieÃen ***
---------------------------------------------
Nachdem es Kritik hagelte, will Microsoft den in seinem neuen Internet
Explorer festintegrierten Flash Player nun doch vor der offiziellen
Freigabe von Windows 8 aktualisieren.
---------------------------------------------
http://www.heise.de/security/meldung/Microsoft-will-Flash-Luecke-im-IE10-nun-doch-schliessen-1705228.html/from/atom10


*** Vuln: Dnsmasq Remote Denial of Service Vulnerability ***
---------------------------------------------
Dnsmasq Remote Denial of Service Vulnerability
---------------------------------------------
http://www.securityfocus.com/bid/54353


*** Cyber security strengthened at EU institutions ***
---------------------------------------------
"EU institutions have reinforced their fight against cyber threats by
establishing the EUs Computer Emergency Response Team, or CERT-EU, on a
permanent basis. This decision follows a successful one-year pilot for the
team, which drew positive assessments from clients and peers.
Vice-President Maros Sefcovic said: "The EU institutions, like any other
major organizations, are frequently the target of information security
incidents...."
---------------------------------------------
http://www.net-security.org/secworld.php?id=13580


*** Cyber Crime: The QR code: A new frontier in mobile attackability ***
---------------------------------------------
A single poisoned link is all it takes to expose an entire organization to
a full-scale attack. Hackers write sophisticated browser-based attacks that
operate quite stealthily. Now, they're going a...
---------------------------------------------
http://feedproxy.google.com/~r/HelpNetSecurity/~3/OL5fpFtGGvU/article.php


*** Visas New End-to-End Encryption Service - P2P Encryption Program Aims
to Eliminate POS Card Risks ***
---------------------------------------------
"Visas new end-to-end encryption service aims to eliminate payment card
data at the merchant level. Eduardo Perez of Visas Risk Group discusses the
security value of this emerging solution. Visas Merchant Data Secure with
Point-to-Point Encryption solution wont launch until 2013...."
---------------------------------------------
http://www.bankinfosecurity.com/interviews/visas-new-end-to-end-encryption-service-i-1650?rf=2012-09-12-eb&elq=2961184241c74e9a881233c05439db31&elqCampaignId=