[CERT-daily] Tageszusammenfassung - Freitag 14-09-2012

Otmar Lendl lendl at cert.at
Mon Sep 17 15:30:37 CEST 2012


=======================
= End-of-Shift report =
=======================
Timeframe:   Donnerstag 13-09-2012 18:00 - Freitag 14-09-2012 18:00
Handler:     Stephan Richter




*** The Tinba/Tinybanker Malware ***
---------------------------------------------
"Trend Micro and CSIS have released a joint white paper about the Tinba
information-stealing malware. The paper contains a thorough technical
analysis of the malware itself, as well as the architecture of its
infrastructure, and its ties to other illegal activities. What is Tinba?..."
---------------------------------------------
http://blog.trendmicro.com/?p=44994




*** Blackhole 2: Crimeware kit gets stealthier, Windows 8 support ***
---------------------------------------------
Malware-flinging tool to target mobiles too Cybercrooks have unveiled a new
version of the Blackhole exploit kit. Version 2 of Blackhole is expressly
designed to better avoid security defences. Support for Windows 8 and
mobile devices is another key feature, a sign of the changing target
platforms for malware-based cyberscams.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2012/09/13/blackhole_exploit_kit_revamp/




*** Bugtraq: Fortigate UTM WAF Appliance - Multiple Web Vulnerabilities ***
---------------------------------------------
Fortigate UTM WAF Appliance - Multiple Web Vulnerabilities
---------------------------------------------
http://www.securityfocus.com/archive/1/524157




*** Over half of Android devices have unpatched holes ***
---------------------------------------------
Fix is up to your carrier, Google, mobo maker - just about everyone Duo
Security is claiming that "over half" of Android devices have unpatched
vulnerabilities.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2012/09/14/duo_says_android_security_nightmare/




*** Analyzing Malicious RTF Files Using OfficeMalScanners RTFScan, (Fri,
Sep 14th) ***
---------------------------------------------
Attackers have been using Rich Text Format (RTF) files to carry exploits
targeting vulnerabilities in Microsoft Office and other products. We
documented one such incident in June 2009. In a more recent example, the
CVE-2012-0158 vulnerability was present in Active X controls within
MSCOMCTL.OCX, which could be activated using Microsoft Office and other
applications. McAfee described one such exploit, which appeared in the wild
in April 2012:  In the malicious RTF, a vulnerable OLE...
---------------------------------------------
http://isc.sans.edu/diary.html?storyid=14092&rss




*** Lücke in SSL-Verschlüsselung kaum ausnutzbar ***
---------------------------------------------
Experten haben ein Problem bei der im Web üblichen SSL-Verschlüsselung
ausgemacht, das auftritt, wenn der Inhalt zuvor komprimiert wurde. Zum
Glück haben die betroffenen Browser-Hersteller bereits reagiert.
---------------------------------------------
http://www.heise.de/security/meldung/Luecke-in-SSL-Verschluesselung-kaum-ausnutzbar-1708371.html/from/atom10




*** Vuln: OpenSLP SLPIntersectStringList() Function Denial of Service
Vulnerability ***
---------------------------------------------
OpenSLP SLPIntersectStringList() Function Denial of Service Vulnerability
---------------------------------------------
http://www.securityfocus.com/bid/55540




*** [webapps] - Trend Micro InterScan Messaging Security Suite Stored XSS
and CSRF ***
---------------------------------------------
Trend Micro InterScan Messaging Security Suite Stored XSS and CSRF
---------------------------------------------
http://www.exploit-db.com/exploits/21319





More information about the Daily mailing list