[CERT-daily] Tageszusammenfassung - Mittwoch 29-05-2013

Daily end-of-shift report team at cert.at
Wed May 29 18:02:47 CEST 2013


=======================
= End-of-Shift report =
=======================

Timeframe:   Dienstag 28-05-2013 18:00 − Mittwoch 29-05-2013 18:00
Handler:     Matthias Fraidl
Co-Handler:  Robert Waldner

*** How Targeted Attacks And Cybercrime Go Together ***
---------------------------------------------
For cybercriminals everywhere, it's still business as usual. The recent global ATM heist that stole a total of $45M showed that orchestrated targeted attacks continues to plague organizations globally. Legacy approaches to identifying threats are not keeping up with the tactics being used to exfiltrate precious assets and corporate secrets.
---------------------------------------------
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/J7IrBLritF0/




*** Microsoft loads botnet-crushing data into Azure ***
---------------------------------------------
C-TIP gives ISPs near-realtime access to MARS data Microsoft is plugging its security intelligence systems into Azure so that service providers and local authorities can get near-realtime information on botnets and malware detected by Redmond.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2013/05/28/microsoft_azure_ctip_security/




*** Critical Ruby on Rails bug exploited in wild, hacked servers join botnet ***
---------------------------------------------
Attackers success shows many servers still arent patched. Is yours?
---------------------------------------------
http://feeds.arstechnica.com/~r/arstechnica/security/~3/gjidr1iHpyo/




*** Child-Porn Suspect Ordered to Decrypt His Own Data ***
---------------------------------------------
federal magistrate is reversing course and ordering a Wisconsin man suspected of possessing child pornography to decrypt hard drives the authorities seized from his residence. Decryption orders are rare, but are likely to become more commonplace as the public ...
---------------------------------------------
http://www.wired.com/threatlevel/2013/05/decryption-order/




*** Raspberry Pi puts holes in Chinas Great Firewall ***
---------------------------------------------
RPi plus WiFi hotspot plus VPN equals portable censorship destroyer A tech-savvy China-based Redditor has spotted a hassle-free way of ensuring he or she is always able to bypass the Great Firewall, even when out and about, using the Raspberry Pi to connect to a virtual private network (VPN).
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2013/05/29/raspberry_pi_helps_hassle_free_circumvention_great_firewall/




*** Secunia Broadcasts Zero-day Vulnerability via Email ***
---------------------------------------------
SecurityWeek has learned that Secunia, a Danish vulnerability management firm, disclosed an unpatched vulnerability within an image viewing application used by organizations in both the private and the defense sectors to a public mailing list.
---------------------------------------------
https://www.securityweek.com/secunia-broadcasts-zero-day-vulnerability-email




*** Release me from a botnet ***
---------------------------------------------
At the beginning of August 2012, an outbreak of the Dorifel virus was observed. This outbreak primarily infected systems in the Netherlands. The virus is being spread through the Citadel botnet. This factsheet will take a closer look at the relationship between Dorifel and Citadel, describe the impact of an infection and recommend steps to take if you are infected. We conclude with providing a number of tips to avoid infection.
---------------------------------------------
http://www.ncsc.nl/english/services/expertise-advice/knowledge-sharing/factsheets/release-me-from-a-botnet.html




*** IBM WebSphere Portal HTTP Response Splitting Vulnerability ***
---------------------------------------------
IBM WebSphere Portal HTTP Response Splitting Vulnerability
---------------------------------------------
https://secunia.com/advisories/53627




*** Vuln: socat CVE-2013-3571 Remote Denial of Service Vulnerability ***
---------------------------------------------
socat CVE-2013-3571 Remote Denial of Service Vulnerability
---------------------------------------------
http://www.securityfocus.com/bid/60170




*** Yahoo! Browser for Android spoofing ***
---------------------------------------------
Yahoo! Browser for Android spoofing
---------------------------------------------
http://xforce.iss.net/xforce/xfdb/84541




*** Siemens Solid Edge ST5 ActiveX control code execution ***
---------------------------------------------
Siemens Solid Edge ST5 ActiveX control code execution
---------------------------------------------
http://xforce.iss.net/xforce/xfdb/84530




*** TP-Link IP Cameras multiple vulnerabilities ***
---------------------------------------------
Core Security - Corelabs Advisory http://corelabs.coresecurity.com TP-Link IP Cameras Multiple Vulnerabilities
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013050202


More information about the Daily mailing list