[CERT-daily] Tageszusammenfassung - Freitag 4-01-2013

Fri Jan 4 18:00:24 CET 2013

=======================
= End-of-Shift report =
=======================
Timeframe:   Donnerstag 03-01-2013 18:00 − Freitag 04-01-2013 18:00
Handler:     Matthias Fraidl
Co-Handler:  L. Aaron Kaplan

*** Apache Malware Installs Zeus ***
---------------------------------------------
"The worlds most widely used web server, Apache, is a conduit to inject malicious content into web pages served by an infected Linux server, without the knowledge of the website owner. Those are the results of an analysis of a malicious Apache module, detected by ESET. They called the malware Linux/Chapro.A. Although the malware can serve practically any type of content, in this specific case it installs a variant of Win32/Zbot, malware designed to steal information from online banking
---------------------------------------------
http://www.isssource.com/apache-malware-installs-zeus/


*** Bugtraq: Aastra IP Telephone encrypted .tuz configuration file leakage ***
---------------------------------------------
Aastra IP Telephone encrypted .tuz configuration file leakage
---------------------------------------------
http://www.securityfocus.com/archive/1/525190


*** Browser vendors rush to block fake google.com site cert ***
---------------------------------------------
Turkish authoritys goof could compromise data Google and other browser vendors have taken steps to block an unauthorized digital certificate for the " *.google.com" domain that fraudsters could have used to impersonate the search giants online services.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2013/01/04/turkish_fake_google_site_certificate/


*** Holey code, Batman! Microsoft to patch 12 vulns on Tuesday ***
---------------------------------------------
Christmas zero-day flaw not included Microsoft has issued its pre Patch Tuesday report, saying it will issue seven patches fixing 12 code flaws next week but it wont provide a permanent fix for the exploit discovered during the recent holidays that is already being used in the wild.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2013/01/04/microsoft_patch_tuesday/


*** Canadian Government Acknowledges Security Breach ***
---------------------------------------------
"An employee of Human Resources and Skills Development Canada (HRSDC) recently misplaced an unencrypted USB drive containing sensitive data on approximately 5,000 Canadian citizens."The lost data, which was reported to the HRSDC on Nov. 17, included names, Social Insurance Numbers (similar to Social Security numbers) and other information criminals could use to defraud victims," writes TechNewsDailys Ben Weitzenkorn."The department, which handles a variety of files including
---------------------------------------------
http://www.esecurityplanet.com/network-security/canadian-government-acknowledges-security-breach.html


*** Nicht zimperlich - DDoS-Attacken, gestohlene Daten: Harte Bandagen bei Lieferservices ***
---------------------------------------------
Strafbefehle gegen sieben Führungskräfte von Lieferheld wegen entwendeter Datenbank eines Konkurrenten
---------------------------------------------
http://derstandard.at/1356426716898/DDoS-Attacken-gestohlene-Daten-Harte-Bandagen-bei-Lieferservices


*** Over 18,000 PayPal Phishing Websites Identified in December 2012 ***
---------------------------------------------
"Phishing websites, ones created by cybercriminals to harvest sensitive information from unsuspecting users, have become highly problematic lately. Because theyre so effective, crooks have launched a considerable number of sites that replicate popular companies. For instance, according to a study performed by Trend Micro for December 2012, a total of 18,947 phishing websites have been found to replicate PayPal...."
---------------------------------------------
http://news.softpedia.com/news/Over-18-000-PayPal-Phishing-Websites-Identified-in-December-2012-318132.shtml


*** Major global Facebook Botnet taken down ***
---------------------------------------------
"A fraud ring worth around 525 million has been taken out of action by the joint efforts of Facebooks own security team and local police forces in the UK, Peru, the US and a number of other countries. The gang managed to steal the massive sum from Facebook users by secretly planting spyware on victims computers that would steal credit and bank card details. Along with financial details, personal information with worth on the black market was also lifted...."
---------------------------------------------
http://www.journalism.co.uk/press-releases/major-global-facebook-botnet-taken-down-/s66/a551654/