[CERT-daily] Tageszusammenfassung - Dienstag 10-09-2013

Tue Sep 10 18:04:57 CEST 2013

=======================
= End-of-Shift report =
=======================

Timeframe:   Montag 09-09-2013 18:00 − Dienstag 10-09-2013 18:00
Handler:     Robert Waldner
Co-Handler:  Stephan Richter


*** Book Review: The Practice of Network Security Monitoring ***
---------------------------------------------
benrothke writes "It has been about 8 years since my friend Richard Bejtlichs (note, that was a full disclosure my friend) last book Extrusion Detection: Security Monitoring for Internal Intrusions came out. That and his other 2 books were heavy on technical analysis and real-word solutions. Some titles only start to cover ground after about 80 pages of introduction. With this highly informative and actionable book, you are already reviewing tcpdump output at page 16. In The Practice of
---------------------------------------------
http://rss.slashdot.org/~r/Slashdot/slashdot/~3/GDJ5LDb-zAY/story01.htm


*** Researchers Call for Ban on PHP SuperGlobal Variables ***
---------------------------------------------
Researchers urge developers to ban PHP SuperGlobal variables in applications. These variables are wide open to remote code execution, remote file inclusion and security bypasses.
---------------------------------------------
http://threatpost.com/researchers-call-for-ban-on-php-superglobal-variables/102224


*** Keeping Data Secret, Even From Apps That Use It ***
---------------------------------------------
Nervals Lobster writes "Datacenters wanting to emulate Google by encrypting their data beyond the ability of the NSA to crack it may get some help from a new encryption technique that allows data to be stored, transported and even used by applications without giving away any secrets. In a paper to be presented at a major European security conference this week, researchers from Denmark and the U.K. collaborated on a practical way to implement a long-discussed encryption concept called
---------------------------------------------
http://rss.slashdot.org/~r/Slashdot/slashdot/~3/xYV9IJvP0OQ/story01.htm


*** Online security: it’s in your interest! 1st European Cyber Security Month coming up in October ***
---------------------------------------------
In October 2013, the first fully-fledged European Cyber Security Month (ECSM) will take place all over Europe.
---------------------------------------------
http://www.enisa.europa.eu/media/press-releases/online-security-it2019s-in-your-interest-1st-european-cyber-security-month-coming-up-in-october


*** MIPS-Router mit Entropieproblemen ***
---------------------------------------------
Die MIPS-Ausgabe von Linux erzeugt Zufallszahlen mit Hilfe von fragwürdigen Entropiewerten, was die Angreifbarkeit von kryptografischen Schlüsseln erhöht. Dies betrifft eine ganze Reihe von Routern für den Endverbraucher-Markt.
---------------------------------------------
http://www.heise.de


*** iPhone 5S Phishing Mail Arrives In Time for Launch ***
---------------------------------------------
While millions of mobile users are anticipating the launch of the new iPhone (5S and 5C), cybercriminals are already making their move to distribute spam that promise to give away the said devices for free, in the guise of a contest. We saw samples of spammed messages that attempted to spoof an Apple Store email […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroiPhone 5S Phishing Mail Arrives In Time for Launch
---------------------------------------------
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/zf_EldxUPaU/


*** Windows Phone 7: a look at popular apps and their data storage practices ***
---------------------------------------------
This paper looks at how popular Windows Phone 7 apps address data storage with a focus on the platforms initial lack of data protection APIs and how that influenced the type of and manner in which data was kept on a users device.
---------------------------------------------
https://www.isecpartners.com/media/106503/wp7_app_survey_storage.pdf


*** NSA-Affäre: Generatoren für Zufallszahlen unter der Lupe ***
---------------------------------------------
Nachdem bekannt wurde, dass die NSA eine Backdoor in einen von NIST veröffentlichten Zufallszahlengenerator einbaute, werden nun viele Entropie-Quellen mit gesundem Misstrauen geprüft. So auch Intels Chip-basierte RDRAND-Funktion unter Linux.
---------------------------------------------
http://www.heise.de/security/meldung/NSA-Affaere-Generatoren-fuer-Zufallszahlen-unter-der-Lupe-1953716.html


*** iPhone 5S: Fingerabdruckscanner können ausgetrickst werden ***
---------------------------------------------
Einfache Systeme mit Fotokopien täuschbar - Experten orten Probleme auch in zentralen Datenbanken
---------------------------------------------
http://derstandard.at/1378248579562


*** HPSBPV02918 rev.1 - HP ProCurve Manager (PCM), HP PCM+ and HP Identity Driven Manager (IDM), SQL Injection, Remote Code Execution, Session Reuse ***
---------------------------------------------
Potential security vulnerabilities have been identified with HP ProCurve Manager (PCM), HP PCM+ and HP Identity Driven Manager (IDM). These vulnerabilities could be exploited remotely to allow SQL injection, remote code execution and session reuse.
---------------------------------------------
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03897409


*** Bugtraq: FreeBSD Security Advisory FreeBSD-SA-13:12.ifioctl ***
---------------------------------------------
http://www.securityfocus.com/archive/1/528520


*** Bugtraq: Open-Xchange Security Advisory 2013-09-10 ***
---------------------------------------------
http://www.securityfocus.com/archive/1/528519


*** Bugtraq: Multiple vulnerabilities on D-Link Dir-505 devices ***
---------------------------------------------
http://www.securityfocus.com/archive/1/528516