[CERT-daily] Tageszusammenfassung - Donnerstag 13-02-2014
Daily end-of-shift report
team at cert.at
Thu Feb 13 18:12:09 CET 2014
=======================
= End-of-Shift report =
=======================
Timeframe: Mittwoch 12-02-2014 18:00 − Donnerstag 13-02-2014 18:00
Handler: Stephan Richter
Co-Handler: n/a
*** In the wild: Phony SSL certificates impersonating Google, Facebook, and iTunes ***
---------------------------------------------
Bogus credentials may be enough to ensnare some smartphone apps, researchers say.
---------------------------------------------
http://feeds.arstechnica.com/~r/arstechnica/security/~3/_AvaaGHbDLo/story01.htm
*** Gameover Zeus most active banking trojan in 2013, researchers report ***
---------------------------------------------
The most active banking trojan of 2013 was the Gameover variant Zeus, according to the latest research by the experts with the Dell SecureWorks Counter Threat Unit.
---------------------------------------------
http://www.scmagazine.com/gameover-zeus-most-active-banking-trojan-in-2013-researchers-report/article/333795/
*** Decoding Domain Generation Algorithms (DGAs) - Part I ***
---------------------------------------------
Part 1 - Unpacking the binary to properly view it in IDA Pro
---------------------------------------------
http://vrt-blog.snort.org/2014/02/decoding-domain-generation-algorithms.html
*** Weekly Metasploit Update: Android WebView Exploit, Clipboard Monitor, and Mass Checks ***
---------------------------------------------
Weekly Metasploit Update: Android WebView Exploit, Clipboard Monitor, and Mass Checks
---------------------------------------------
https://community.rapid7.com/community/metasploit/blog/2014/02/13/weekly-metasploit-update
*** TYPO3: Several vulnerabilities in third party extensions ***
---------------------------------------------
Several vulnerabilities have been found in the following third-party TYPO3 extensions: alpha_sitemap, femanager ke_stats, outstats, px_phpids, smarty, wec_map
---------------------------------------------
http://typo3.org/news/article/several-vulnerabilities-in-third-party-extensions/
*** python-gnupg Command Injection Vulnerabilities ***
---------------------------------------------
https://secunia.com/advisories/56616
*** Security Bulletin: Multiple vulnerabilities in current IBM SDK for Java for WebSphere Application Server January 2014 CPU ***
---------------------------------------------
Multiple security vulnerabilities exist in the IBM SDK for Java that is shipped with IBM WebSphere Application Server. CVE(s): CVE-2014-0411 Affected product(s) and affected version(s): SDK shipped with IBM WebSphere Application Server Version 8.5.0.0 through 8.5.5.1, Version 8.0.0.0 through 8.0.0.8, Version 7.0.0.0 through 7.0.0.31, Version 6.1.0.0 through 6.1.0.47 Refer to the following reference URLs for remediation and additional vulnerability details.
---------------------------------------------
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_multiple_vulnerabilities_in_current_ibm_sdk_for_java_for_websphere_application_server_january_2014_cpu?lang=en_us
*** Drupal - Vulnerabilities in third-party Contributions ***
---------------------------------------------
https://drupal.org/node/2194135
https://drupal.org/node/2194589
https://drupal.org/node/2194621
https://drupal.org/node/2194639
https://drupal.org/node/2194655
https://drupal.org/node/2194671
https://drupal.org/node/2194809
https://drupal.org/node/2194877
*** SAP NetWeaver Multiple Vulnerabilities ***
---------------------------------------------
https://secunia.com/advisories/56947
*** Juniper Networks - 2014-02 Security Threat Response Manager: Multiple vulnerabilities ***
---------------------------------------------
Product Affected: STRM series devices and virtual machines with SRTM software releases: 2010.0, 2012.0, 2012.1, 2013.1, 2013.2
---------------------------------------------
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10614
More information about the Daily
mailing list