[CERT-daily] Tageszusammenfassung - Dienstag 29-10-2013

Tue Oct 29 18:04:29 CET 2013

=======================
= End-of-Shift report =
=======================

Timeframe:   Montag 28-10-2013 18:00 − Dienstag 29-10-2013 18:00
Handler:     Matthias Fraidl
Co-Handler:  n/a

*** Hintergrund: iOS-Virenscanner mit zweifelhaftem Nutzen ***
---------------------------------------------
Avira hat eine Virenschutz-App für iOS herausgegeben, die vor schadhaften Prozessen schützen soll. Welche das sind und wie diese erkannt werden, verrät das Unternehmen nicht.
---------------------------------------------
http://www.heise.de/security/artikel/iOS-Virenscanner-mit-zweifelhaftem-Nutzen-2035131.html


*** Exploit cocktail (Struts, Java, Windows) going after 3-month old vulnerabilities ***
---------------------------------------------
When ISC reader Yin reported earlier today that one of their servers had been hacked via the Apache Struts remote command execution vulnerability (CVE-2013-2251), at first this was flagged as "business as usual". Said vulnerability, after all, is known since July, and weve been seeing exploit attempts since early August (diary here).
---------------------------------------------
http://isc.sans.edu/diary.html?storyid=16913


*** ATM malware Ploutus updated with English-language version ***
---------------------------------------------
The Spanish-language ATM malware, which allowed attackers in Mexico to force ATMs to spit out cash, now has an updated English-language version.
---------------------------------------------
http://www.scmagazine.com//atm-malware-ploutus-updated-with-english-language-version/article/318336/


*** Adobe Breach Impacted At Least 38 Million Users ***
---------------------------------------------
The recent data breach at Adobe that exposed user account information and prompted a flurry of password reset emails impacted at least 38 million users, the company now says. It also appears that the already massive source code leak at Adobe is broadening to include the companys Photoshop family of graphical design products.
---------------------------------------------
http://krebsonsecurity.com/2013/10/adobe-breach-impacted-at-least-38-million-users/


*** Analysis: Spam in September 2013 ***
---------------------------------------------
In September, the proportion of world spam in mail traffic continued to decline and reached 66%. As always the spammers focused on advertising seasonal goods and services. For example, the number of offers related to energy saving and insulating buildings increased significantly.
---------------------------------------------
http://www.securelist.com/en/analysis/204792309/Spam_in_September_2013


*** Routerpwn ***
---------------------------------------------
Routerpwn is a web application that helps you in the exploitation of vulnerabilities in residential routers. It is a compilation of ready to run local and remote web exploits.
---------------------------------------------
http://www.routerpwn.com/


*** Windows XP ist und bleibt ein hochriskantes System ***
---------------------------------------------
Im aktuellen Security Intelligence Report (SIR) warnt Microsoft erneut vor Windows XP. Sicherheits-Chef Tim Rains verteidigt die Entscheidung, den Support einzustellen.
---------------------------------------------
http://futurezone.at/digital-life/windows-xp-ist-und-bleibt-ein-hochriskantes-system/33.025.977


*** Internet Safety - Tips for Parents ***
---------------------------------------------
Internet basics can be as straightforward as pushing buttons or clicking a mouse. Understanding how youth use the Internet, however, can be an overwhelming task, especially for adults who don't spend much time online.
---------------------------------------------
http://bc.rcmp-grc.gc.ca/ViewPage.action?siteNodeId=87&languageId=1&contentId=21690


*** Cyber Security Assesment Netherlands ***
---------------------------------------------
Cybercrime and digital espionage remain the biggest threats to both governments and the business community. The threat of disruption of online services has increased. Clearly visible in the past year has been the rise of the criminal cyber services sector. Cyber-attack tools are made commercially available through `cybercrime as a service´.
---------------------------------------------
https://www.ncsc.nl/english/current-topics/news/cyber-security-assesment-netherlands.html


*** Social media and digital identity. Prevention and incident response ***
---------------------------------------------
The hack of a social media account is a common incident that could have a serious impact of our digital identity. How to prevent it? What to do in case of hack?
---------------------------------------------
http://securityaffairs.co/wordpress/19143/cyber-crime/social-media-security.html


*** Angebliches Fritzbox-Fax entpuppt sich als Trojaner ***
---------------------------------------------
Schadhafte E-Mails, die sich als Fax-Benachrichtigungen einer Fritzbox tarnen, verbreiten sich momentan rapide. In dem beigefügten Zip-Archiv befindet sich nicht etwa ein Fax, sondern ein Trojaner.
---------------------------------------------
http://www.heise.de/security/meldung/Angebliches-Fritzbox-Fax-entpuppt-sich-als-Trojaner-2035618.html


*** Facebook Android Flaws Enable Any App to Get User's Access Tokens ***
---------------------------------------------
A researcher has discovered serious vulnerabilities in the main Facebook and Facebook Messenger apps for Android that enable any other app on a device to access the user's Facebook access token and take over her account.
---------------------------------------------
http://threatpost.com/facebook-android-flaws-enable-any-app-to-get-users-access-tokens/102724


*** [webapps] - Pirelli Discus DRG A125g - Password Disclosure Vulnerability. ***
---------------------------------------------
http://www.exploit-db.com/exploits/29262


*** DSA-2786 icu ***
---------------------------------------------
http://www.debian.org/security/2013/dsa-2786


*** vBulletin 4.1.x / 5.x.x Administrative User Injection ***
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013100192


*** MobileIron 4.5.4 Cross Site Scripting ***
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013100190


*** SAP Financial Services Statutory Reporting for Insurance (FS-SR) Unspecified Flaw Lets Remote Users Execute Arbitrary Code ***
---------------------------------------------
http://www.securitytracker.com/id/1029256