[CERT-daily] Tageszusammenfassung - Montag 4-03-2013

Daily end-of-shift report team at cert.at
Mon Mar 4 18:03:14 CET 2013


=======================
= End-of-Shift report =
=======================
Timeframe:   Freitag 01-03-2013 18:00 − Montag 04-03-2013 18:00
Handler:     Matthias Fraidl
Co-Handler:  Robert Waldner

*** Bit9 Breach Began in July 2012 ***
---------------------------------------------
Cyber espionage hackers who broke into security firm Bit9 initially breached the companys defenses in July 2012, according to evidence being gathered by security experts investigating the incident. Bit9 remains reluctant to name customers that were impacted by the intrusion, but the custom-made malicious software used in the attack was deployed last year in highly targeted attacks against U.S. Defense contractors.Related Posts:New Java 0-Day Attack Echoes Bit9 BreachSecurity Firm Bit9 Hacked,
---------------------------------------------
http://feedproxy.google.com/~r/KrebsOnSecurity/~3/T12Pp-nAeFw/




*** Exploit Sat on LA Times Website for 6 Weeks ***
---------------------------------------------
The Los Angeles Times has scrubbed its Web site of malicious code that served browser exploits and malware to potentially hundreds of thousands of readers over the past six weeks.Related Posts:Amnesty International Site Serving Java ExploitWhat You Need to Know About the Java ExploitAttackers Pounce on Zero-Day Java ExploitNasty Twitter Worm OutbreakNew Java 0-Day Attack Echoes Bit9 Breach
---------------------------------------------
http://feedproxy.google.com/~r/KrebsOnSecurity/~3/6Ws9-MtXu3w/




*** Flame Windows Update Attack Could Have Been Repeated in 3 Days, Says Microsoft ***
---------------------------------------------
"When the sophisticated state-sponsored espionage tool known as Flame was exposed last year, there was probably no one more concerned about the discovery than Microsoft, after realizing that the tool was signed with an unauthorized Microsoft certificate to verify its trustworthiness to victim machines. The attackers also hijacked a part of Windows Update to deliver it to targeted machines. After examining the nature of the certificate attack and everything the malicious actors needed to
---------------------------------------------
http://www.wired.com/threatlevel/2013/03/flame-windows-update-copycat/




*** Apple blockiert veraltete Flash-Plug-ins in Safari ***
---------------------------------------------
Apples hauseigener Browser lässt den Start alter Versionen des Flash-Plug-in nicht mehr zu. Das soll offenbar kürzlich bekanntgewordene Angriffsmöglichkeiten unterbinden.
---------------------------------------------
http://rss.feedsportal.com/c/32407/f/463925/s/2921880b/l/0L0Sheise0Bde0Csecurity0Cmeldung0CApple0Eblockiert0Everaltete0EFlash0EPlug0Eins0Ein0ESafari0E181520A20Bhtml0Cfrom0Crss0A9/story01.htm




*** Notiz-Dienst Evernote wurde gehackt ***
---------------------------------------------
Die Betreiber des Online-Notizbuchs haben alle Anwender aufgefordert, ihre Passwörter zu ändern, nachdem sich Kriminelle Zugang zur Benutzerdatenbank verschafft hatten.
---------------------------------------------
http://rss.feedsportal.com/c/32407/f/463925/s/2925520f/l/0L0Sheise0Bde0Csecurity0Cmeldung0CNotiz0EDienst0EEvernote0Ewurde0Egehackt0E18152220Bhtml0Cfrom0Crss0A9/story01.htm




*** More Java-based malware plagues the cross-platform runtime ***
---------------------------------------------
"Java cannot seem to get a break. Only a few days after patching the last zero-day vulnerability, two more exploits are being found that make use of the runtime. One, as noted by Kaspersky, is a recent exploit of the latest runtimes attempts to install a McRAT executable by overwriting memory in the JVM that will trigger the executable to run...."
---------------------------------------------
http://reviews.cnet.com/8301-13727_7-57572168-263/more-java-based-malware-plagues-the-cross-platform-runtime/




*** Kaspersky Internet Security 2013 Remote system freeze ***
---------------------------------------------
Topic: Kaspersky Internet Security 2013 Remote system freeze Risk: Medium Text:I usually do not write security advisories unless absolutely necessary. This time I should, however I have neither the time,...
---------------------------------------------
http://feedproxy.google.com/~r/securityalert_database/~3/MKm3MtRa-Q0/WLB-2013030023




*** Need an army of killer zombies? Yours for just $25 per 1,000 PCs ***
---------------------------------------------
Bring out your dead - theres a price per botnet head As little as $25 will buy you access to a thousand malware-infected PCs, neatly packaged as a botnet army to control or spy on. Thats according to a security researcher studying underground souks of zombie computers.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2013/03/04/botnet_price_list/




*** Prices fall, services rise in malware-as-a-service market ***
---------------------------------------------
"Prices are falling and the number of services is increasing as developers in the online underground compete fiercely for criminals looking to purchase botnets and other tools to mount cyber attacks. The trends in the so-called malware-as-a-service market reflect a maturing business in which any non-professional can buy or rent all the tools needed to build the malware, distribute it, and then siphon credit card and banking data and other personal information from compromised PCs.
---------------------------------------------
http://www.infoworld.com/d/security/prices-fall-services-rise-in-malware-service-market-213776






More information about the Daily mailing list