[CERT-daily] Tageszusammenfassung - Freitag 3-10-2014

Fri Oct 3 18:06:42 CEST 2014

=======================
= End-of-Shift report =
=======================

Timeframe:   Donnerstag 02-10-2014 18:00 − Freitag 03-10-2014 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a


*** Why is your Mac all for sudden using Bing as a search engine?, (Thu, Oct 2nd) ***
---------------------------------------------
Even as a Mac user, you may have heard about Bing, at least you may have seen it demonstrated in commercials [1]. But if your default search engine on your Mac is all for sudden switched to Bing, this may be due to another piece of legacy software that some Mac users may have a hard time living ..
---------------------------------------------
https://isc.sans.edu/diary.html?storyid=18753


*** ZDI-14-349: (0Day) Microsoft Internet Explorer ScriptEngine Use-After-Free Remote Code Execution Vulnerability ***
---------------------------------------------
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
---------------------------------------------
http://www.zerodayinitiative.com/advisories/ZDI-14-349/


*** ZDI-14-346: (0Day) Apple OS X IOHIDSecurePromptClient Denial Of Service Vulnerability ***
---------------------------------------------
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
---------------------------------------------
http://www.zerodayinitiative.com/advisories/ZDI-14-346/


*** Security incidents are up - and pricier! - but infosec budgets are dwindling ***
---------------------------------------------
The number of security incidents is popping, as are associated costs to mop them up, according to a report from PcW. Global corporate security budgets, meanwhile, seem to be hiding in the closet, just hoping it all goes away.
---------------------------------------------
http://nakedsecurity.sophos.com/2014/10/03/security-incidents-are-up-and-pricier-but-infosec-budgets-are-dwindling/


*** OPSec for security researchers ***
---------------------------------------------
Perfect OPSec is almost impossible. However implementing basic OPSec practices should become second nature for every researcher. You will be more careful and hopefully, avoid rookie mistakes like talking too much and bragging about your research.
---------------------------------------------
https://securelist.com/blog/research/66911/opsec-for-security-researchers/


*** BadUSB: Der USB-Stick als digitale Waffe ***
---------------------------------------------
Speicher gibt sich als anderes Gerät aus - Forscher veröffentlichen Anleitung und Werkzeuge im Internet
---------------------------------------------
http://derstandard.at/2000006383347


*** US-Bericht: Über 80 Millionen Konten bei JPMorgan von Hacker-Angriff betroffen ***
---------------------------------------------
Bei dem im August aufgedeckten Großangriff auf US-Amerikanische Banken, konten Hacker offenbar detaillierte Informationen von Kunden erbeuten.
---------------------------------------------
http://www.heise.de/security/meldung/US-Bericht-Ueber-80-Millionen-Konten-bei-JPMorgan-von-Hacker-Angriff-betroffen-2411422.html


*** Bugtraq: Elasticsearch vulnerability CVE-2014-6439 ***
---------------------------------------------
http://www.securityfocus.com/archive/1/533602


*** HPSBMU02895 SSRT101253 rev.3 - HP Data Protector, Remote Increase of Privilege, Denial of Service (DoS), Execution of Arbitrary Code ***
---------------------------------------------
Potential security vulnerabilities have been identified with HP Data Protector. These vulnerabilities could be remotely exploited to allow an increase of privilege, create a Denial of Service (DoS), or execute arbitrary code.
---------------------------------------------
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03822422


*** Command-injection vulnerability for COMMAND-Shell Scripts ***
---------------------------------------------
What if we told you that a normal user in your network could take over the control of your Windows file-servers by just creating a special (but no so complex) directory-name in one of the directories he has access to?
---------------------------------------------
http://www.thesecurityfactory.be/command-injection-windows.html