[CERT-daily] Tageszusammenfassung - Montag 28-07-2014

Mon Jul 28 18:15:23 CEST 2014

=======================
= End-of-Shift report =
=======================

Timeframe:   Freitag 25-07-2014 18:00 − Montag 28-07-2014 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a


*** Cisco WebEx Meetings Server Authenticated Encryption Vulnerability ***
---------------------------------------------
A vulnerability in the user.php script of Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to view sensitive information.
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3302


*** Cacti cross-site scripting ***
---------------------------------------------
Cacti is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using the Full Name field to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting ..
---------------------------------------------
http://xforce.iss.net/xforce/xfdb/94862


*** Cisco WebEx Meetings Server OutlookAction Class Vulnerability ***
---------------------------------------------
A vulnerability in the OutlookAction Class of Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to enumerate valid user accounts. The vulnerability is due to ..
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3304


*** Cisco WebEx Meetings Server Web Framework Vulnerability ***
---------------------------------------------
A vulnerability in the web framework of Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to view sensitive information. The vulnerability occurs because sensitive information is passed in a query string. An attacker could ..
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3303


*** Service Drains Competitors' Online Ad Budget ***
---------------------------------------------
The longer one lurks in the Internet underground, the more difficult it becomes to ignore the harsh reality that for nearly every legitimate online business there is a cybercrime-oriented anti-business. Case in point: Todays post looks at a popular service that helps crooked online marketers exhaust the Google AdWords budgets of their competitors.
---------------------------------------------
http://krebsonsecurity.com/2014/07/service-drains-competitors-online-ad-budget/


*** Daimler: Mit eigener Hacker-Gruppe gegen Sicherheitslücken ***
---------------------------------------------
Der Automobilhersteller Daimler beschäftigt eine fest angestellte Gruppe von Datenspezialisten, deren Aufgabe es ist, das eigene Firmennetzwerk zu attackieren. So sollen Sicherheitslücken schneller aufgespürt werden.
---------------------------------------------
http://www.golem.de/news/daimler-mit-eigener-hacker-gruppe-gegen-sicherheitsluecken-1407-108137-rss.html


*** Ubiquiti UbiFi Controller 2.4.5 Password Hash Disclosure ***
---------------------------------------------
If remote logging is enabled on the UniFi controller, syslog messages
are sent to a syslog server. Contained within the syslog messages is
the admin password that is used by both the UniFi controller, and all
managed Access Points. This CVE was ..
---------------------------------------------
http://cxsecurity.com/issue/WLB-2014070146


*** Tails: Zero-Day im Invisible Internet Project ***
---------------------------------------------
In der Linux-Distribution Tails befindet sich eine Sicherheitslücke, über die Nutzeridentitäten aufgedeckt werden können. Die Schwachstelle ist nicht in Tor, sondern im Invisible-Internet-Project-Netzwerk zu finden.
---------------------------------------------
http://www.golem.de/news/tails-zero-day-im-invisible-internet-project-1407-108148-rss.html


*** DANE disruptiv: Authentifizierte OpenPGP-Schlüssel im DNS ***
---------------------------------------------
Pretty Good Privacy soll das DNS zur Schlüsselpropagierung nutzen. Auf der Liste der Entwickler der Internet Engineering Task Force (IETF) steht als nächstes die Zulassung eigenen Schlüsselmaterials.
---------------------------------------------
http://www.heise.de/security/meldung/DANE-disruptiv-Authentifizierte-OpenPGP-Schluessel-im-DNS-2268917.html


*** Behind the Android.OS.Koler distribution network ***
---------------------------------------------
Android.OS.Koler.a a ransomware program that blocks the screen of an infected device and requests a ransom in order to unlock the device. An entire network of malicious porn sites linked to a traffic direction system that redirects the victim to different payloads targeting not only mobile devices but any other visitor.
---------------------------------------------
https://securelist.com/blog/research/65189/behind-the-android-os-koler-distribution-network/


*** Dissecting the CVE-2013-2460 Java Exploit ***
---------------------------------------------
In this vulnerability, code is able to get the references of some restricted classes which are cleverly used for privilege escalation and bypassing the JVM sandbox. The vulnerable 'invoke' method of the 'sun.tracing.ProviderSkeleton' class is used to ..
---------------------------------------------
http://research.zscaler.com/2014/07/dissecting-cve-2013-2460-java-exploit.html


*** Anatomy of an iTunes phish - tips to avoid getting caught out ***
---------------------------------------------
Even if youd back yourself to spot a phish every time, heres a step-by-step account that might help to save your friends and family in the future...
---------------------------------------------
http://nakedsecurity.sophos.com/2014/07/28/anatomy-of-an-itunes-phish-tips-to-avoid-getting-caught-out/


*** ICS 3C - ICS Cybersecurity Council Conference ***
---------------------------------------------
ICS 3C gathers experts and decision makers placing Cybersecurity at the heart of a Pan-European Dialogue on solutions for securing critical processes.
---------------------------------------------
http://www.anapur.de/u_e_ICS_Cybersecurity_Conference_2014_HD.htm


*** Trojaner: Warnungen vor gefälschten Ikea-Mails ***
---------------------------------------------
Schon mehrere tausend Funde, E-Mails sind "täuschend echt" ..
---------------------------------------------
http://derstandard.at/2000003626539


*** Malware, Would You Install it for One Cent? ***
---------------------------------------------
A research study report entitled It's All About The Benjamins: An empirical study on incentivizing users to ignore security ..
---------------------------------------------
http://www.seculert.com/blog/2014/07/would-you-install-potential-malware-for-one-cent.html