[CERT-daily] Tageszusammenfassung - Mittwoch 18-12-2013

Daily end-of-shift report team at cert.at
Wed Dec 18 18:21:46 CET 2013


=======================
= End-of-Shift report =
=======================

Timeframe:   Dienstag 17-12-2013 18:00 − Mittwoch 18-12-2013 18:00
Handler:     Stephan Richter
Co-Handler:  n/a




*** Cybercriminals offer fellow cybercriminals training in Operational Security (OPSEC) ***
---------------------------------------------
In need of a fresh example that malicious and fraudulent adversaries continue professionalizing, and standardizing demanded cybercrime-friendly products and services, all for the sake of monetizing their experience and expertise in the profitable world of cybercrime? Publicly launched around the middle of 2013, a product/training course targeting novice cybercriminals is offering them a manual, recommendations for open source/free software, as well as access to a private forum set up for...
---------------------------------------------
http://www.webroot.com/blog/2013/12/17/cybercriminals-offer-fellow-cybercriminals-training-in-operational-security-opsec/




*** Apple stopft Lücken in WebKit und Safari ***
---------------------------------------------
Mit den Safari-Versionen 6.1.1 und 7.0.1 behebt Apple einige Speicherverwaltungsfehler in WebKit, die zur Ausführung von Schadcode über das Internet missbraucht werden können.
---------------------------------------------
http://www.heise.de/security/meldung/Apple-stopft-Luecken-in-WebKit-und-Safari-2068518.html




*** DGA Changer Malware Able to Modify Domain-Generation Seed on the Fly ***
---------------------------------------------
Malware authors have been using domain-generation algorithms for a few years now, often in botnet-related malware that needs to stay one step ahead of takedown attempts and law enforcement agencies. Now, researchers have discovered that a strain of malware that may have been part of the attack in October on PHP.net is employing a DGA...
---------------------------------------------
http://threatpost.com/dga-changer-malware-able-to-modify-domain-generation-seed-on-the-fly/103225




*** The Biggest Skimmers of All: Fake ATMs ***
---------------------------------------------
This blog has spotlighted some incredibly elaborate and minaturized ATM skimmers, fraud devices that thieves attach to ATMs in a bid to steal card data and PINs. But a skimmer discovered in Brazil last month takes this sort of fraud to another level, using a completely fake ATM designed to be stacked directly on top...
---------------------------------------------
http://krebsonsecurity.com/2013/12/the-biggest-skimmers-of-all-fake-atms/




*** A quick look at a (new?) cross-platform DDoS botnet ***
---------------------------------------------
At the beginning of December we started to observe a new botnet spreading on both Linux and Windows machines. In case of the Linux operating systems, the bot was installed through an SSH dictionary attack. The attacker logged in to compromised server and simply downloaded and executed a bot file. The malware...
---------------------------------------------
https://www.cert.pl/news/7849/langswitch_lang/en




*** [SECURITY] [DSA 2821-1] gnupg security update ***
---------------------------------------------
http://lists.debian.org/debian-security-announce/2013/msg00235.html




*** Cisco ONS 15454 Transport Node Controller Denial of Service Vulnerability ***
---------------------------------------------
An issue in the tNetTaskLimit process of the Cisco ONS 15454 Transport Node Controller (TNC) could allow an unauthenticated, remote attacker to cause the TNC to reload due to a watchdog timeout.
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6701




*** Security Bulletin: Multiple vulnerabilities in IBM SPSS Collaboration and Deployment Services ***
---------------------------------------------
Multiple vulnerabilities exist in IBM SPSS Collaboration and Deployment Services. See the individual descriptions for details.
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg21660191




*** IBM Scale Out Network Attached Storage (SONAS) Multiple Vulnerabilities ***
---------------------------------------------
Multiple vulnerabilities have been reported in IBM Scale Out Network Attached Storage, which can be exploited by malicious people to conduct spoofing attacks, disclose potentially sensitive information, bypass certain security restrictions, and compromise a user's system.
---------------------------------------------
https://secunia.com/advisories/56095




*** Security Bulletin: GSKit SSL negotiation vulnerability in Tivoli Access Manager for e-business (CVE-2013-6329) ***
---------------------------------------------
A vulnerability has been identified in the GSKit component utilized by Tivoli Access Manager for e-business (TAM). A specially crafted SSL message can cause the TAM server component using GSKit to crash  CVE(s): CVE-2013-6329  Affected product(s) and affected version(s): All supported Tivoli Access Manager for e-business versions are affected.
---------------------------------------------
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_gskit_ssl_negotiation_vulnerability_in_tivoli_access_manager_for_e_business_cve_2013_6329?lang=en_us




*** RealOne RMP File Heap Overflow Lets Remote Users Execute Arbitrary Code ***
---------------------------------------------
http://www.securitytracker.com/id/1029511




*** Vuln: Juvia Ruby on Rails secret_token.rb Default Secret Key Security Bypass Vulnerability ***
---------------------------------------------
http://www.securityfocus.com/bid/64368




*** Vuln: ownCloud Admin Page Unspecified Security Bypass Vulnerability ***
---------------------------------------------
http://www.securityfocus.com/bid/63926




*** Zimbra Collaboration Server Unspecified Vulnerability ***
---------------------------------------------
https://secunia.com/advisories/56138




*** Python Hash Collision Denial of Service Vulnerability ***
---------------------------------------------
https://secunia.com/advisories/55955


More information about the Daily mailing list