[CERT-daily] Tageszusammenfassung - Freitag 18-04-2014

Daily end-of-shift report team at cert.at
Fri Apr 18 18:17:13 CEST 2014


=======================
= End-of-Shift report =
=======================

Timeframe:   Donnerstag 17-04-2014 18:00 − Freitag 18-04-2014 18:00
Handler:     Alexander Riepl
Co-Handler:  Stephan Richter




*** Looking for malicious traffic in electrical SCADA networks - part 2 - solving problems with DNP3 Secure Authentication Version 5, (Thu, Apr 17th) ***
---------------------------------------------
I received this week a very valuable e-mail from the DNP Technical Committee Chair, Mr. Adrew West, who pointed an excellent observation and its the very slow adoption of DNP3 Secure Authentication Version 5, which is the latest security enhancement for the DNP3 protocol. I want to talk today about this standard and the advantages of adopting it into your DNP3 SCADA system. This standard has two specific objectives:  Help DNP3 outstation to determine beyond any reasonable doubt that its...
---------------------------------------------
http://isc.sans.edu/diary.html?storyid=17981&rss




*** Heartbleed Bug Sends Bandwidth Costs Skyrocketing ***
---------------------------------------------
The exposure of the Heartbleed vulnerability last week had a number of repercussions, one of which was to set off a mad scramble by companies to revoke the SSL certificates for their domains and services and obtain new ones. The total costs of Heartbleed are yet to be calculated, but CloudFlare has come up with...
---------------------------------------------
http://feeds.wired.com/c/35185/f/661467/s/397cb2f7/sc/5/l/0L0Swired0N0C20A140C0A40Ccost0Eof0Eheartbleed0C/story01.htm




*** Heartbleed bereitet Anonymisierungsnetzwerk Tor Schwierigkeiten ***
---------------------------------------------
Rund ein Fünftel der Exit Nodes von OpenSSL-Lücke betroffen - Vorschlag diese aus dem Netz zu werfen...
---------------------------------------------
http://derstandard.at/1397520979826




*** Mac OS X Trojans display ads ***
---------------------------------------------
April 16, 2014 Malicious programs designed to generate a profit for intruders by displaying annoying ads are very common, but until recently they have mostly been a nuisance for Windows users. Thats why a few Trojans that were recently examined by Doctor Webs security researchers stand out among such applications...
---------------------------------------------
http://news.drweb.com/show/?i=4352&lng=en&c=9




*** Heartbleed Update ***
---------------------------------------------
Adobe has evaluated the Creative Cloud and its related services (including Behance and Digital Publishing Suite), the Marketing Cloud solutions and products (including Analytics, Analytics Premium and Experience Manager), EchoSign, Acrobat.com, the Adobe.com store, and other Adobe services. All Adobe internet-facing services known to have been using a version of OpenSSL containing the Heartbleed vulnerability have been mitigated. We are continuing our analysis of Adobe internet-facing servers to identify and remediate any remaining Heartbleed-related risks.
---------------------------------------------
http://blogs.adobe.com/psirt/?p=1085




*** Security Advisory-OpenSSL Heartbeat Extension vulnerability (Heartbleed bug) on Huawei multiple products ***
---------------------------------------------
Some OpenSSL software versions used in multiple Huawei products have the following OpenSSL vulnerability. Unauthorized remote attackers can dump 64 Kbytes of memory of the connected server or client in each attack. The leaked memory may contain sensitive information, such as passwords and private keys (Vulnerability ID: HWPSIRT-2014-0414).
---------------------------------------------
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-332187.htm




*** McAfee Security Bulletin - OpenSSL Heartbleed vulnerability patched in McAfee products ***
---------------------------------------------
Several McAfee products are vulnerable to OpenSSL Heartbleed. See the McAfee Product Vulnerability Status lists below for the status of each product.
---------------------------------------------
https://kc.mcafee.com/corporate/index?page=content&id=SB10071




*** Nagios Remote Plugin Executor 2.15 Remote Command Execution ***
---------------------------------------------
Topic: Nagios Remote Plugin Executor 2.15 Remote Command Execution Risk: High Text: - Release date: 17.04.2014 - Discovered by: Dawid Golunski - Severity: High I. VULNER...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2014040126




*** MariaDB Multiple Vulnerabilities ***
---------------------------------------------
https://secunia.com/advisories/58106




*** Debian update for qemu and qemu-kvm ***
---------------------------------------------
https://secunia.com/advisories/58088




*** OpenVZ update for kernel ***
---------------------------------------------
https://secunia.com/advisories/58060


More information about the Daily mailing list