[CERT-daily] Tageszusammenfassung - Dienstag 20-05-2014

[Daily end-of-shift report]

=======================
= End-of-Shift report =
=======================

Timeframe:   Montag 19-05-2014 18:00 − Dienstag 20-05-2014 18:00
Handler:     Robert Waldner
Co-Handler:  Alexander Riepl



*** Blackshades - Coordinated Takedown Leads to Multiple Arrests ***
---------------------------------------------
The FBI, Europol and several other law enforcement agencies have arrested dozens of individuals suspected of cybercriminal activity centered around the malware known as Blackshades (a.k.a. W32.Shadesrat).read more
---------------------------------------------
http://www.symantec.com/connect/blogs/blackshades-coordinated-takedown-leads-multiple-arrests




*** Moodle Bugs Permit Cross-Site Scripting, Cross-Site Request Forgery, and Information Disclosure Attacks ***
---------------------------------------------
http://www.securitytracker.com/id/1030256




*** Silverlight finally becomes popular ... with criminals ***
---------------------------------------------
Angler exploit kit targets Redmonds unloved rich web application kit Silverlight has become a choice target for VXers who are foisting nasty exploit kits on users through hacked advertising networks.
---------------------------------------------
http://www.theregister.co.uk/2014/05/20/silverlight_attacks_spike_as_ekers_shift_java_cross_hairs/




*** Cisco IOS XR DHCPv6 Processing Flaw Lets Remote Users Deny Service ***
---------------------------------------------
http://www.securitytracker.com/id/1030259




*** Bugtraq: t214: Call for Papers 2014 (Helsinki / Finland) ***
---------------------------------------------
http://www.securityfocus.com/archive/1/532154




*** When Networks Turn Hostile ***
---------------------------------------------
We've previously discussed how difficult it is to safely connect to networks when on the go. This is particularly true on vacations and holidays, where the availability of Internet access is one of the most important factors when looking for a place to stay.
---------------------------------------------
http://blog.trendmicro.com/trendlabs-security-intelligence/when-networks-turn-hostile



*** Cisco IOS Software IPv6 Denial of Service Vulnerability ***
---------------------------------------------
cisco-sa-20110928-ipv6
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20110928-ipv6




*** Sicherheitslücke in iTunes: BSI drängt zum Update ***
---------------------------------------------
Eine durch Apples Medien-Software verursachte Schwachstelle erlaubt lokalen Nutzern einen umfassenden Zugriff auf andere Benutzerkonten - das Bundesamt für Sicherheit in der Informationstechnik rät zum Update auf Version 11.2.1.
---------------------------------------------
http://www.heise.de/security/meldung/Sicherheitsluecke-in-iTunes-BSI-draengt-zum-Update-2194251.html