[CERT-daily] Tageszusammenfassung - Donnerstag 20-02-2014

Thu Feb 20 18:10:03 CET 2014

=======================
= End-of-Shift report =
=======================

Timeframe:   Mittwoch 19-02-2014 18:00 − Donnerstag 20-02-2014 18:00
Handler:     Alexander Riepl
Co-Handler:  Christian Wojner


*** Malicious iFrame Injections Host Payload on Tumblr ***
---------------------------------------------
It's always fun to watch malware developers using different techniques to code their creations. Sometimes it's a matter of obfuscation, placement, injection, but this time it's how they code it to be dynamic. I believe this is not the first one that uses this service, but it's the first time I'm seeing ..
---------------------------------------------
http://blog.sucuri.net/2014/02/malicious-iframe-injections-host-payload-on-tumblr.html


*** Health Care Systems Poorly Protected, Many Already Compromised ***
---------------------------------------------
New report shows that health care industry intellectual property, payment information, and patient data are poorly protected and, in many cases, already compromised.
---------------------------------------------
http://threatpost.com/health-care-systems-poorly-protected-many-already-compromised/104374


*** Microsoft release FixIt for IE9/IE10 Zero Day, (Thu, Feb 20th) ***
---------------------------------------------
Microsoft has published a TechNet article detailing the availability of a "FixIt" for the current IE9/IE10 zero day which has been doing the rounds. Corporate users will presumably have to wait until the availability of the patch which Microsoft say will be released during the monthly patching cycle..
---------------------------------------------
http://isc.sans.edu/diary.html?storyid=17684&rss


*** Microsoft Security Advisory (2934088) ***
---------------------------------------------
Microsoft is aware of limited, targeted attacks that attempt to exploit a vulnerability in Internet Explorer 10. Only Internet Explorer 9 and Internet Explorer 10 are affected by this vulnerability. Other supported versions of Internet Explorer are not affected. Applying the Microsoft Fix it solution, "MSHTML Shim Workaround," prevents ..
---------------------------------------------
https://technet.microsoft.com/en-us/security/advisory/2934088


*** Fritzbox-Lücke: Jetzt auch bei WLAN-Repeatern ***
---------------------------------------------
Auf den Routern haben zwar längst noch nicht alle Nutzer die Sicherheitslücke gestopft, aber zumindest stehen Firmware-Updates bereit. Nun bessert AVM auch die Software anderer Produkte mit WLAN-Schnittstelle aus.
---------------------------------------------
http://www.heise.de/security/meldung/Fritzbox-Luecke-Jetzt-auch-bei-WLAN-Repeatern-2119244.html


*** Datenbank-Leck in Leoben, Hack-Angriff auf Energie Steiermark ***
---------------------------------------------
Zusammenhang beider Vorfälle möglich - Zugriff auf Gas-Kundendaten bei Energie Steiermark
---------------------------------------------
http://derstandard.at/1392685633659


*** eXtplorer Joomla! Authentication Bypass Security Issue ***
---------------------------------------------
https://secunia.com/advisories/57022


*** SA-CONTRIB-2014-022 - Slickgrid - Access bypass ***
---------------------------------------------
The module doesnt check access sufficiently, allowing users to ..
---------------------------------------------
https://drupal.org/node/2200491


*** Drupal Maestro 7.x Cross Site Scripting ***
---------------------------------------------
http://cxsecurity.com/issue/WLB-2014020165


*** [remote] - MediaWiki Thumb.php Remote Command Execution ***
---------------------------------------------
http://www.exploit-db.com/exploits/31767