[CERT-daily] Tageszusammenfassung - Freitag 6-02-2015

Daily end-of-shift report team at cert.at
Fri Feb 6 18:02:08 CET 2015


=======================
= End-of-Shift report =
=======================

Timeframe:   Donnerstag 05-02-2015 18:00 − Freitag 06-02-2015 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a



*** Filmkan: Mysterious Turkish Botnet Grows Through Facebook ***
---------------------------------------------
On January 31, a security researcher named Mohammad Faghani posted an analysis of malware that was being distributed through Facebook posts. Based on the number of ..
---------------------------------------------
http://researchcenter.paloaltonetworks.com/2015/02/filmkan-mysterious-turkish-botnet-grows-facebook




*** Microsoft: Firmen entdecken Cyberattacken erst nach 243 Tagen ***
---------------------------------------------
Firmen brauchen nach Angaben von Microsoft durchschnittlich 243 Tage, um eine Cyberattacke auf ihr Netzwerk zu entdecken. "Sie haben 243 Tage lang ..
---------------------------------------------
http://derstandard.at/2000011347067




*** Revetons design refreshed - Winter 2015 ***
---------------------------------------------
Those days Reveton is mainly pushed  on adult traffic via "standalone" CVE-2015-0311 flash (posing as advert) calling an Xtea encoded stream. After not far from 2 years with the same design it's now showing some ..
---------------------------------------------
http://malware.dontneedcoffee.com/2015/02/RevetonWinter2015.html




*** The Anthem Breach: What We Know Now ***
---------------------------------------------
I learned about the breach directly from the CEO before all the hype and speculation hit. This is the level of caring and responsibility I personally expect as an Anthem customer. So now that the news is out there, let's talk about the technical aspects of the breach.
---------------------------------------------
http://blog.beyondtrust.com/the-anthem-breach-what-we-know-now




*** GE and MACTek HART Device DTM Vulnerability ***
---------------------------------------------
This advisory provides mitigation details for an improper input vulnerability in the HART Device Type Manager (DTM) library utilized in GE and MACTek's HART Device DTM.
---------------------------------------------
https://ics-cert.us-cert.gov//advisories/ICSA-15-036-01




*** Pepperl+Fuchs Hart Device DTM Vulnerability ***
---------------------------------------------
This advisory provides mitigation details for an improper input vulnerability in the CodeWrights GmbH HART Device DTM library utilized in Pepperl+Fuchs' HART Device DTM.
---------------------------------------------
https://ics-cert.us-cert.gov//advisories/ICSA-15-036-02




*** CodeWrights GmbH HART Device DTM Vulnerability (Update C) ***
---------------------------------------------
This updated advisory is a follow-up to the updated advisory titled ICSA-15-012-01B CodeWrights GmbH HART DTM Vulnerability that was published January 27, 2015, ..
---------------------------------------------
https://ics-cert.us-cert.gov//advisories/ICSA-15-012-01C




*** Datenschutz: Wie sicher ist die IP-Telefonie? ***
---------------------------------------------
Können Dritte ohne großen Aufwand IP-Telefonate mithören? Die Antwort ist wie so oft: Jein. Denn trotz mangelnder Verschlüsselung ist die IP-Telefonie nicht ganz so unsicher wie behauptet - zumindest ist es für Angreifer schwierig, Telefonate abzuhören.
---------------------------------------------
http://www.golem.de/news/datenschutz-wie-sicher-ist-die-ip-telefonie-1502-112193.html




*** Preparing for the unknown - A peek into Cyber Europe ***
---------------------------------------------
ENISA is supporting Member States to cope with major cybersecurity crises with its flagship Cyber Europe programme. Five years after the first ever European wide cyber exercise, Cyber Europe evolved into a unique multinational crisis simulation which immerses participants into the unknown.
---------------------------------------------
http://www.enisa.europa.eu/media/news-items/preparing-for-the-unknown-a-peek-into-cyber-europe




*** 7 Best WordPress Security Plugins ***
---------------------------------------------
WordPress is the most popular blogging platform in the world. Millions of websites including various popular blogs are using WordPress as a content publishing platform. So, hackers are also more interested in hacking ..
---------------------------------------------
http://resources.infosecinstitute.com/7-best-wordpress-security-plugins/




*** Neue Spuren im Sony-Hack führen nach Russland ***
---------------------------------------------
Neue Indizien im Fall des Sony-Hacks sollen belegen, dass russische Hacker in den Vorfall involviert sind. Einem Bericht zufolge haben diese aktuell immer noch Zugriff auf das Netzwerk von Sony Pictures Entertainment.
---------------------------------------------
http://heise.de/-2543005




*** Fessleak malvertising campaign used to serve ransomware ***
---------------------------------------------
Invincea has been monitoring the Fessleak campaign in which hackers leveraged Adobe Flash Player exploits and file-less infections to serve ransomware.
---------------------------------------------
http://securityaffairs.co/wordpress/33153/cyber-crime/fessleak-malvertising-campaign.html






More information about the Daily mailing list