[CERT-daily] Tageszusammenfassung - Freitag 11-04-2014

Daily end-of-shift report team at cert.at
Fri Apr 11 18:25:29 CEST 2014


=======================
= End-of-Shift report =
=======================

Timeframe:   Donnerstag 10-04-2014 18:00 − Freitag 11-04-2014 18:00
Handler:     Alexander Riepl
Co-Handler:  Stephan Richter




*** Heartbleed vendor informations / statistics ***
---------------------------------------------
https://isc.sans.edu/diary/Heartbleed+vendor+notifications/17929
https://www.cert.fi/en/reports/2014/vulnerability788210.html
http://securityaffairs.co/wordpress/23878/intelligence/statistics-impact-heartbleed.html




*** Gehackte Online-Konten: Mehr als zehn Millionen Abrufe von Sicherheitstest ***
---------------------------------------------
Auch der zweite Sicherheitscheck des BSI zu gehackten Online-Konten stößt auf großes Interesse. Für Verwirrung sorgt aber weiter eine Sicherheitssperre von GMX und web.de.
---------------------------------------------
http://www.golem.de/news/gehackte-online-konten-mehr-als-zehn-millionen-abrufe-von-sicherheitstest-1404-105787-rss.html




*** The Heartbleed Hit List: The Passwords You Need to Change Right Now ***
---------------------------------------------
... it hasnt always been clear which sites have been affected. Mashable reached out to various companies included on a long list of websites that could potentially have the flaw. Below, weve rounded up the responses from some of the most popular social, email, banking and commerce sites on the web.
---------------------------------------------
http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/




*** Heartbleed Vulnerability Affects 5% of Select Top Level Domains from Top 1M ***
---------------------------------------------
In trying to gauge the impact of the Heartbleed vulnerability, we proceeded to scanning the Top Level Domain (TLD) names of certain countries extracted from the top 1,000,000 domains by Alexa. We then proceeded to separate the sites which use SSL and further categorized those under "vulnerable" or "safe". The data we were able to...
---------------------------------------------
http://blog.trendmicro.com/trendlabs-security-intelligence/heartbleed-vulnerability-affects-5-of-top-1-million-websites/




*** Spionage-Botnet nutzte Heartbleed-Lücke schon vor Monaten aus ***
---------------------------------------------
Bereits im November hat ein auf Spionage ausgelegtes Botnet offenbar versucht, durch die OpenSSL-Lücke Daten abzugreifen - möglicherweise im Auftrag eines Geheimdienstes. Die gute Nachricht ist: Die Anzahl der noch verwundbaren Server ist rückläufig.
---------------------------------------------
http://www.heise.de/security/meldung/Spionage-Botnet-nutzte-Heartbleed-Luecke-schon-vor-Monaten-aus-2167934.html




*** Heartbleed: Apple-Nutzer sind nicht betroffen ***
---------------------------------------------
Weder Mac OS X, iOS noch Apples Dienste wie iCloud sind von der Heartbleed-Schwachstelle betroffen. Denn Apple verzichtet auf OpenSSL. Einige Apps verwenden die Kryptobibliothek jedoch. (Apple, Server-Applikationen)
---------------------------------------------
http://www.golem.de/news/heartbleed-apple-nutzer-sind-nicht-betroffen-1404-105803-rss.html




*** Heartbleed Explanation ***
---------------------------------------------
http://xkcd.com/1354/




*** Critical Update for JetPack WordPress Plugin ***
---------------------------------------------
The Jetpack team just released a critical security update to fix a security vulnerability in the Jetpack WordPress plugin. The vulnerability allows an attacker to bypass the site's access control and publish posts on the site. All versions of JetPack since October, 2012 (Jetpack 1.9) are vulnerable, and all users should update to version 2.9.3
---------------------------------------------
http://blog.sucuri.net/2014/04/critical-update-for-jetpack-wordpress-plugin.html




*** Security Updates for VMware vSphere ***
---------------------------------------------
http://www.vmware.com/security/advisories/VMSA-2014-0002.html
http://www.vmware.com/security/advisories/VMSA-2014-0003.html




*** IBM SPSS Analytic Server Discloses Passwords to Remote Authenticated Users ***
---------------------------------------------
http://www.securitytracker.com/id/1030051




*** [2014-04-11] Multiple vulnerabilities in Plex Media Server ***
---------------------------------------------
Plex Media Server contains several vulnerability that allow an attacker to intercept traffic between Plex Media Server and clients in plaintext. Furthermore Cross Site Request Forgery (CSRF) vulnerabilities allow an attacker to execute privileged commands in the context of Plex Media Server.
---------------------------------------------
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140411-0_Plex_Media_Server_Multiple_Vulnerabilities_v10.txt


More information about the Daily mailing list