[CERT-daily] Tageszusammenfassung - Freitag 10-01-2014

Daily end-of-shift report team at cert.at
Fri Jan 10 18:26:32 CET 2014


=======================
= End-of-Shift report =
=======================

Timeframe:   Donnerstag 09-01-2014 18:00 − Freitag 10-01-2014 18:00
Handler:     Alexander Riepl
Co-Handler:  Stephan Richter




*** Understanding and mitigating NTP-based DDoS attacks ***
---------------------------------------------
Over the last couple of weeks you may have been hearing about a new tool in the DDoS arsenal: NTP-based attacks. These have become popular recently and caused trouble for some gaming web sites and service providers. Wed long thought that NTP might become a vector for DDoS attacks because, like DNS, it is a simple UDP-based protocol that can be persuaded to return a large reply to a small request. Unfortunately, that prediction has come true.
---------------------------------------------
http://blog.cloudflare.com/understanding-and-mitigating-ntp-based-ddos-attacks




*** Advance Notification for January 2014 - Version: 1.0 ***
---------------------------------------------
This is an advance notification of security bulletins that Microsoft is intending to release on January 14, 2014.
This bulletin advance notification will be replaced with the January bulletin summary on January 14, 2014. For more information about the bulletin advance notification service, see...
---------------------------------------------
http://technet.microsoft.com/en-us/security/bulletin/ms14-jan




*** Oracle Critical Patch Update Pre-Release Announcement - January 2014 ***
---------------------------------------------
This Critical Patch Update Pre-Release Announcement provides advance information about the Oracle Critical Patch Update for January 2014, which will be released on Tuesday, January 14, 2014. While this Pre-Release Announcement is as accurate as possible at the time of publication, the information it contains may change before publication of the Critical Patch Update Advisory.
---------------------------------------------
http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html




***  Prenotification Security Advisory for Adobe Reader and Acrobat ***
---------------------------------------------
Adobe is planning to release security updates on Tuesday, January 14, 2014 for Adobe Reader and Acrobat XI (11.0.05) and earlier versions for Windows and Macintosh.
---------------------------------------------
http://helpx.adobe.com/security/products/reader/apsb14-01.html




*** Adobe, Microsoft und Oracle ze­le­b­rie­ren ersten Patchday des Jahres ***
---------------------------------------------
Kommenden Dienstag ist es wieder soweit. Adobe will kritische Lücken in Acrobat und Adobe Reader schließen, Microsoft unter anderem eine Windows-Lücke, die bereits seit November vergangenen Jahres ausgenutzt wird.
---------------------------------------------
http://www.heise.de/security/meldung/Adobe-Microsoft-und-Oracle-zelebrieren-ersten-Patchday-des-Jahres-2082651.html




*** Tackling the Sefnit botnet Tor hazard ***
---------------------------------------------
Sefnit, a prevailing malware known for using infected computers for click fraud and bitcoin mining, has left millions of machines potentially vulnerable to future attacks. We recently blogged about Sefnit performing click fraud and how we added detection on the upstream Sefnit installer. In this blog we explain how the Tor client service, added by Sefnit, is posing a risk to millions of machines, and how we are working to address the problem. Win32/Sefnit made headlines last August as it took...
---------------------------------------------
http://blogs.technet.com/b/mmpc/archive/2014/01/09/tackling-the-sefnit-botnet-tor-hazard.aspx




*** Schon wieder hunderttausende Kundendaten durch xt:Commerce-Lücke geklaut ***
---------------------------------------------
Eine weitere Sicherheitslücke in xt:Commerce 3 und einigen der Nachfolger wird derzeit ausgenutzt, um die Namen, Mail-Adressen und Passwort-Hashes in Online-Shops zu entwenden. Betroffen sind über 230.000 Kunden vor allem aus Deutschland und Österreich.
---------------------------------------------
http://www.heise.de/security/meldung/Schon-wieder-hunderttausende-Kundendaten-durch-xt-Commerce-Luecke-geklaut-2083403.html




*** Cisco Context Directory Agent Multiple Vulnerabilities ***
---------------------------------------------
Multiple vulnerabilities have been reported in Cisco Context Directory Agent, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks and manipulate certain data.
---------------------------------------------
https://secunia.com/advisories/56365


More information about the Daily mailing list