[CERT-daily] Tageszusammenfassung - Montag 18-03-2013

Daily end-of-shift report team at cert.at
Mon Mar 18 18:01:53 CET 2013


=======================
= End-of-Shift report =
=======================
Timeframe:   Freitag 15-03-2013 18:00 − Montag 18-03-2013 18:00
Handler:     Matthias Fraidl
Co-Handler:  Stephan Richter

*** Expert: Social Networks Targeted for Drive-By Exploits ***
---------------------------------------------
"Malware was spread in unique ways in 2012, particularly through drive-by exploits. In 2013, organizations can expect more exploits targeting social networks, says Adam Kujawa of anti-malware vendor Malwarebytes."The method in which the links to drive-bys have been spread was pretty unique [in 2012]," says Kujawa, a malware intelligence analyst. "We can see that moving over into 2013."Kujawa says cybercriminals are increasingly targeting social networking sites and
---------------------------------------------
http://www.govinfosecurity.com/malware-emerging-trends-a-5598




*** The World Has No Room For Cowards ***
---------------------------------------------
Its not often that one has the opportunity to be the target of a kinetic and cyber attack at the same time. But that is exactly whats happened to me and my Web site over the past 24 hours. On Thursday afternoon, my site was the target of a fairly massive denial of service attack. That attack was punctuated by a visit from a heavily armed local police unit that was tricked into responding to a 911 call spoofed to look like it came from my home.
---------------------------------------------
http://feedproxy.google.com/~r/KrebsOnSecurity/~3/uD9Evlztjaw/




*** Debian Security Advisory DSA-2649 lighttpd ***
---------------------------------------------
fixed socket name in world-writable directory
---------------------------------------------
http://www.debian.org/security/2013/dsa-2649




*** Sicherheitsunternehmen analysiert Angriffe auf Industriesteuerungen ***
---------------------------------------------
Auf der Security-Konferenz Black Hat Europe stellte Trend Micro einen Forschungsbericht über einen einen Praxisversuch vor und zeigt, von wo aus und auf welche Art industrielle Systeme mit Malware angegriffen werden.
---------------------------------------------
http://www.heise.de/security/meldung/Sicherheitsunternehmen-analysiert-Angriffe-auf-Industriesteuerungen-1824170.html



*** Analysis of the Booter.TW ***
---------------------------------------------
"Earlier this week, famous InfoSec blogger Brian Krebs website suffered from a denial of service attack that knocked it offline. Following the attack Brian posted an article, "The World has No Room for Cowards", which detailed how he had been SWATed following the attacks against his site. In his article he talked about some of the indicators of who may be behind the attack...."
---------------------------------------------
http://www.reversecurity.com/2013/03/analysis-of-bootertw.html




*** Android malware analysis tool ***
---------------------------------------------
"Bluebox Labs announced Dexter, a free tool to help researchers and enterprise security teams analyze applications for malware and vulnerabilities. The Dexter platform provides software architecture information presented through a web-based user interface...."
---------------------------------------------
http://www.net-security.org/secworld.php?id=14605




*** You Only Click Twice: FinFisher's Global Proliferation ***
---------------------------------------------
This post describes the results of a comprehensive global Internet scan for the command and control servers of FinFisher's surveillance
software. It also details the discovery of a campaign using FinFisher in Ethiopia used to target individuals linked to an opposition group.
---------------------------------------------
https://citizenlab.org/2013/03/you-only-click-twice-finfishers-global-proliferation-2/




*** Online Security Tools (Malware, Sandboxes, Hash Checking, Cracking, DNSBL, SSL, BGP) ***
---------------------------------------------
Some readers and friends convinced me recently to start posting some
articles in english as well - to reach a wider audience. Lets start with a quick post containing a list of very useful online security tools. The services are very useful for incident responders, forensicators and security information practitioners.
---------------------------------------------
http://sseguranca.blogspot.fr/2012/03/online-security-tools-malware-sandboxes.html




*** Bugtraq: [SECURITY] [DSA 2646-1] typo3-src security update ***
---------------------------------------------
[SECURITY] [DSA 2646-1] typo3-src security update
---------------------------------------------
http://www.securityfocus.com/archive/1/526030




*** From Russia With Bots: Finding The Source Of Cyber Attacks ***
---------------------------------------------
While media and government source continue to allude to China as the
biggest source of cyber attacks hitting innocent servers on the
Internet, recent evidence instead suggests it's the Russian Federation
that's king of the cyber attack mountain.
---------------------------------------------
http://readwrite.com/2013/03/18/from-russia-with-bots-finding-the-source-of-cyber-attacks


More information about the Daily mailing list