[CERT-daily] Daily summary - Thursday 3-07-2014

Daily end-of-shift report team at cert.at
Thu Jul 3 18:08:27 CEST 2014


=======================
= End-of-Shift report =
=======================

Timeframe:   Wednesday 02-07-2014 18:00 − Thursday 03-07-2014 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a



*** Multiple Vulnerabilities in Cisco Unified Communications Domain Manager ***
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140702-cucdm




*** Analysis of a New Banking Trojan Spammed by Cutwail ***
---------------------------------------------
The Cutwail spambot has a long history of sending spam with attached malicious files such as Zbot, Blackhole Exploit Kit and Cryptolocker. Another trick in Cutwail's portfolio is to use links pointing to popular file hosting services. Over the past weeks, we have observed spam that claims to be an unpaid invoice from ..
---------------------------------------------
http://blog.spiderlabs.com/2014/07/analysis-of-a-banking-trojan-spammed-by-cutwail.html




*** Simple Javascript Extortion Scheme Advertised via Bing, (Wed, Jul 2nd) ***
---------------------------------------------
Thanks to our reader Dan for spotting this one. As of today, a search for "Katie Matusik" on Bing will include the following result. The rank has been slowly rising during the day, and as of right now, it is the first link after the link to "Videos". Once a user clicks on the link, the user is redirected to ..
---------------------------------------------
https://isc.sans.edu/diary.html?storyid=18337&rss




*** Multiple vulnerabilities in third-party Drupal modules ***
---------------------------------------------
https://www.drupal.org/node/2296783
https://www.drupal.org/node/2296511
https://www.drupal.org/node/2296495




*** New Android Malware HijackRAT Attacks Mobile Banking Users ***
---------------------------------------------
Cybercriminals have rolled out a new malicious Android application that wraps different varieties of banking fraud tricks into a single piece of advanced mobile malware.
---------------------------------------------
http://thehackernews.com/2014/07/new-android-malware-hijackrat-attacks.html



*** Exploring the Java vulnerability (CVE-2013-2465) used in the Fiesta EK ***
---------------------------------------------
While going through our daily analysis this month, we came across several Fiesta Exploit Kit attacks. Although this EK first emerged in August 2013, the authors have constantly updated their ..
---------------------------------------------
http://research.zscaler.com/2014/07/exploring-java-vulnerability-cve-2013.html




*** Avast mistook crypto messenger for a trojan ***
---------------------------------------------
Anyone supposedly infected with the trojan "Android:Banker-BW" may be able to safely ignore the warning. The Avast virus scanner wrongly classified Moxie Marlinspike's crypto messenger TextSecure as malware.
---------------------------------------------
http://www.heise.de/security/meldung/Avast-hielt-Krypto-Messenger-fuer-Trojaner-2248792.html




*** Bugtraq: [security bulletin] HPSBMU03059 rev.1 - HP SiteScope, Remote Authentication Bypass ***
---------------------------------------------
http://www.securityfocus.com/archive/1/532631




*** DynDNS service: Microsoft has returned domains to NoIP ***
---------------------------------------------
For days the DynDNS service NoIP has not worked for many customers because the domains were transferred to Microsoft and many queries went nowhere. Microsoft has now returned the domains and the situation should return to normal.
---------------------------------------------
http://www.heise.de/security/meldung/DynDNS-Dienst-Microsoft-hat-Domains-an-NoIP-zurueckgegeben-2249112.html




*** VU#402020: Autodesk VRED contains an unauthenticated remote code execution vulnerability ***
---------------------------------------------
Improper Neutralization of Special Elements used in an OS Command (OS Command Injection): Autodesk VRED Professional 2014 contains an unauthenticated remote code execution vulnerability. Autodesk VRED Professional 2014.
---------------------------------------------
http://www.kb.cert.org/vuls/id/402020




*** 8 Common Pitfalls of HeartBleed Identification and Remediation (CVE-2014-0160) ***
---------------------------------------------
Unfortunately, one of the biggest vulnerabilities disclosed this year, HeartBleed, has been inefficiently addressed and for some, already forgotten about. Plenty of details about the vulnerability already exist including our FAQ and ..
---------------------------------------------
http://blog.spiderlabs.com/2014/07/pitfalls-of-heartbleed-identification-and-remediation-cve-2014-0160.html




