[CERT-daily] Daily summary - Tuesday 30-07-2013

Daily end-of-shift report team at cert.at
Tue Jul 30 18:02:08 CEST 2013


=======================
= End-of-Shift report =
=======================

Timeframe:   Monday 29-07-2013 18:00 − Tuesday 30-07-2013 18:00
Handler:     Matthias Fraidl
Co-Handler:  Otmar Lendl

*** Microsoft Expands MAPP Program to Incident Response Teams ***
---------------------------------------------
Microsoft is expanding its MAPP program that shares attack and protection information with other security vendors and will now be sharing some data with incident responders, as well. The new system will enable organizations such as CERTs and internal IR teams to exchange information on specific attacks and general threats. 
---------------------------------------------
http://threatpost.com/microsoft-expands-mapp-program-to-incident-response-teams/101524




*** Texas students hijack superyacht with GPS-spoofing luggage ***
---------------------------------------------
Don't panic, yet. Students from the University of Texas successfully piloted an $80m superyacht sailing 30 miles offshore in the Mediterranean Sea by overriding the ship's GPS signals without any alarms being raised...
---------------------------------------------
http://www.theregister.co.uk/2013/07/29/texas_students_hijack_superyacht_with_gpsspoofing_luggage/




*** How much does it cost to buy one thousand Russian/Eastern European based malware-infected hosts? ***
---------------------------------------------
By Dancho Danchev. For years, many of the primary and market-share leading 'malware-infected hosts as a service' providers have become used to selling exclusive access to hosts from virtually the entire World, excluding the sale and actual infection of Russian and Eastern European based hosts.
---------------------------------------------
http://blog.webroot.com/2013/07/29/how-much-does-it-cost-to-buy-one-thousand-russianeastern-european-based-malware-infected-hosts




*** BGP multiple banking addresses hijacked, (Mon, Jul 29th) ***
---------------------------------------------
On 24 July 2013 a significant number of Internet Protocol (IP) addresses that belong to banks suddenly were routed to somewhere else. An IP address is how packets are routed to their destination across the Internet. Why is this important you ask? Well, imagine the Internet suddenly decided that you were living in the middle of Asia and all traffic that should go to you ends up traveling through a number of other countries to get to you, but you aren't
---------------------------------------------
http://isc.sans.edu/diary.html?storyid=16249&rss




*** Mail from the (Velvet) Cybercrime Underground ***
---------------------------------------------
Over the past six months, "fans" of this Web site and its author have shown their affection in some curious ways. One called in a phony hostage situation that resulted in a dozen heavily armed police surrounding my home. Another opened a $20,000 new line of credit in my name. Others sent more than $1,000 in bogus PayPal donations from hacked accounts.
---------------------------------------------
https://krebsonsecurity.com/2013/07/mail-from-the-velvet-cybercrime-underground




*** Custom USB sticks bypassing Windows 7/8's AutoRun protection measure going mainstream ***
---------------------------------------------
By Dancho Danchev. When Microsoft disabled AutoRun on XP and Vista back in February, 2011, everyone thought this was game over for the bad guys who were abusing the removable media distribution/infection vector in particular.
---------------------------------------------
http://blog.webroot.com/2013/07/30/custom-usb-sticks-bypassing-windows-78s-autorun-protection-measure-going-mainstream




*** NASA: Pushed into the cloud ***
---------------------------------------------
Pushed into the cloud by the federal authorities and lacking a proper cloud strategy, NASA moved data into the cloud - unsecured and in part without the knowledge of the responsible office. The federal authorities, however, continue to rely on the cloud.
---------------------------------------------
http://www.heise.de/security/meldung/NASA-In-die-Cloud-geschubst-1926189.html




*** CrowdSource Tool Aims to Improve Automated Malware Analysis ***
---------------------------------------------
When a new piece of malware surfaces, it's typically analyzed eight ways from Sunday by a long list of antimalware and other security companies, government agencies, CERTs and other organizations who try to break it down and classify its capabilities. 
---------------------------------------------
http://threatpost.com/crowdsource-tool-aims-to-improve-automated-malware-analysis/101526




*** Vuln: phpMyAdmin Multiple SQL Injection and Cross Site Scripting Vulnerabilities ***
---------------------------------------------
http://www.securityfocus.com/bid/61493




*** Debian Security Advisory DSA-2730 gnupg ***
---------------------------------------------
http://www.debian.org/security/2013/dsa-2730




*** Bugtraq: MojoPortal XSS ***
---------------------------------------------
http://www.securityfocus.com/archive/1/527629




*** OpenOffice.org OOXML code execution ***
---------------------------------------------
http://xforce.iss.net/xforce/xfdb/86002




*** FreeBSD NFS security bypass ***
---------------------------------------------
http://xforce.iss.net/xforce/xfdb/86003




*** FluxBB 1.5.3 Multiple Remote Vulnerabilities ***
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013070223

