[CERT-daily] Daily summary - Thursday 31-07-2014

Daily end-of-shift report team at cert.at
Thu Jul 31 18:05:37 CEST 2014


=======================
= End-of-Shift report =
=======================

Timeframe:   Wednesday 30-07-2014 18:00 − Thursday 31-07-2014 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a



*** Innominate mGuard Unauthorized Leakage of System Data ***
---------------------------------------------
Exploitation of this vulnerability could allow a remote unauthenticated user access to release configuration information. While this is a minor vulnerability, it represents a method for further network reconnaissance.
---------------------------------------------
http://ics-cert.us-cert.gov//advisories/ICSA-14-189-02




*** How safe is your quantified self? Tracking, monitoring, and wearable tech ***
---------------------------------------------
Self-tracking enthusiasts are generating a torrent of personal information through apps and devices. Is this data safe from prying eyes?
---------------------------------------------
http://www.symantec.com/connect/blogs/how-safe-your-quantified-self-tracking-monitoring-and-wearable-tech




*** Why the Security of USB Is Fundamentally Broken ***
---------------------------------------------
Computer users pass around USB sticks like silicon business cards. Although we know they often carry malware infections, we depend on antivirus scans and the occasional reformatting to keep our thumbdrives from becoming the carrier for the ..
---------------------------------------------
http://www.wired.com/2014/07/usb-security/




*** TA14-212A: Backoff Point-of-Sale Malware ***
---------------------------------------------
“Backoff” is a family of PoS malware and has been discovered recently. The malware family has been witnessed on at least three separate forensic investigations. Researchers have identified three primary variants to the “Backoff” malware including ..
---------------------------------------------
https://www.us-cert.gov/ncas/alerts/TA14-212A




*** Takedowns: Touchdown or Turnover? ***
---------------------------------------------
Over the last several months malware takedowns have made headlines. But what is really involved in such an operation? The recent takedowns have been a collaborative effort mostly between the private sector and government entities, with academic researchers also playing a role. While some operations included arrests, and others included a civil lawsuit, ..
---------------------------------------------
http://www.seculert.com/blog/2014/07/takedowns-touchdown-or-turnover.html




*** 3 security mistakes small companies make and how to avoid them ***
---------------------------------------------
Dedicated IT staff are a luxury most very small businesses do without but those organisations still need to find a way to secure their computers against cyber criminals who aren't looking to cut them a break just because they're small.
---------------------------------------------
http://nakedsecurity.sophos.com/2014/07/31/3-security-mistakes-small-companies-make-and-how-to-avoid-them/




*** How to Hunt Down Phishing Kits ***
---------------------------------------------
Sites like phishtank and clean-mx act as crowdsourced phishing detection and validation. By knowing how to look, you can consistently find interesting information about how attackers work, and the tools they use to conduct phishing campaigns. This post will give an example of how phishing kits are used, how to find them, as well as show a case study into other ..
---------------------------------------------
https://jordan-wright.github.io/blog/2014/07/30/how-to-hunt-down-phishing-kits/




*** Spy of the Tiger ***
---------------------------------------------
A recent report documents a group of attackers known as 'PittyTiger' that appears to have been active since at least 2011; however, they may have been operating as far back as 2008. We have been monitoring the activities of this ..
---------------------------------------------
http://www.fireeye.com/blog/technical/threat-intelligence/2014/07/spy-of-the-tiger.html




*** Attack on video game makers: hackers are after source code ***
---------------------------------------------
The hackers of "Threat Group 3279" have been active for years, trying to steal the source code of games and to crack the security measures of the associated DRM systems. The group is said to originate from China.
---------------------------------------------
http://www.heise.de/security/meldung/Angriff-auf-Videospiele-Hersteller-Hacker-haben-es-auf-Quellcode-abgesehen-2280866.html





