[CERT-daily] Tageszusammenfassung - Montag 5-01-2015

Daily end-of-shift report team at cert.at
Mon Jan 5 18:14:39 CET 2015


=======================
= End-of-Shift report =
=======================

Timeframe:   Freitag 02-01-2015 18:00 − Montag 05-01-2015 18:00
Handler:     Robert Waldner
Co-Handler:  Stephan Richter




*** Before you enable those macros... ***
---------------------------------------------
The Microsoft Malware Protection Center (MMPC) has recently seen an increasing number of threats using macros to spread their malicious code. This technique uses spam emails and social engineering to infect a system. Using macros in Microsoft Office can help increase productivity by automating some processes. However, malware authors have also exploited these capabilities. Since Microsoft set the default setting to "Disable all macros with notification", the number of macro-related...
---------------------------------------------
http://blogs.technet.com/b/mmpc/archive/2015/01/02/before-you-enable-those-macros.aspx




*** OpenSSL Cookbook ***
---------------------------------------------
A short book that covers the most frequently used OpenSSL features and commands, by Ivan Ristić. OpenSSL Cookbook is a free ebook built around one chapter from Bulletproof SSL and TLS, a larger work that teaches how to deploy secure servers and web applications.
---------------------------------------------
https://www.feistyduck.com/books/openssl-cookbook/




*** Defensible network architecture, (Mon, Jan 5th) ***
---------------------------------------------
For the nearly 20 years since Zwicky, Cooper and Chapman first wrote about Firewalls the firewall has been the primary defense mechanism of nearly every entity attached to the Internet. While perimeter protection is still important in the modern enterprise, the fact is that the nature of Internet business has vastly changed and the crunchy perimeter and squishy inside approach has long since become outdated. You can two aspects of your business model that you cannot do without and which can give...
---------------------------------------------
https://isc.sans.edu/diary.html?storyid=19141&rss




*** Snooker WPA secrets with this WiFi tool ***
---------------------------------------------
Jammed and canned Crypto geek George Chatzisofroniou has published a WiFi social engineering tool used to steal credentials and credit cards from users of secure wireless networks.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2015/01/05/snooker_wpa_secrets_with_this_wifi_tool/




*** Hard disk hacking ***
---------------------------------------------
... Research like this has been done before for various bits of hardware: from PCI extension cards to embedded controllers in laptops to even Apple keyboards. Usually the research has been done in order to prove the hackability of these devices can lead to compromised software, so I decided to take the same approach: for this hack, I wanted to make a hard disk that could bypass software security.
---------------------------------------------
http://spritesmods.com/?art=hddhack&page=1




*** Sicherheitslücke: Bitcoinbörse Bitstamp stellt vorerst Betrieb ein ***
---------------------------------------------
Schon wieder eine Bitcoinbörse gehackt? Der Anbieter Bitstamp ist wegen einer kompromittierten Wallet fürs erste offline gegangen. Nutzer sollten keinesfalls Coins auf alte Einzahladressen überweisen.
---------------------------------------------
http://www.heise.de/security/meldung/Sicherheitsluecke-Bitcoinboerse-Bitstamp-stellt-vorerst-Betrieb-ein-2508452.html




*** Several Electronic Arts Origin accounts hacked ***
---------------------------------------------
Many gamers are finding purchases that they never made their accounts for Electronic Arts Origin service. Once again the gaming industry under attack.
---------------------------------------------
http://securityaffairs.co/wordpress/31799/cyber-crime/electronic-arts-origin-accounts-hacked.html




*** Active Directory Recycle Bin: What is it, and how can I use it? ***
---------------------------------------------
Remember the Windows 95 Recycle Bin? It was a big leap forward to recovering "deleted" files. Well, it turns out that Active Directory has it's own Recycle Bin for users, groups and computers, and it's called... wait for it.. the Active Directory Recycle Bin. Here's the good news about the Active Directory Recycle bin:...
---------------------------------------------
http://blog.beyondtrust.com/active-directory-recycle-bin-what-is-it-and-how-can-i-use-it




*** Openwall 3.1 Released With Fixes for Shellshock, POODLE Attack ***
---------------------------------------------
The maintainers of the Openwall security enhanced Linux distribution have released a new stable version, which includes fixes for a number of serious vulnerabilities, such as the Shellshock Bash bug and the flaw in SSLv3 that leads to the POODLE attack. Openwall is designed to be a small, compact Linux distribution for servers, appliances and...
---------------------------------------------
http://threatpost.com/openwall-3-1-released-with-fixes-for-shellshock-poodle-attack/110186




*** ASUSWRT 3.0.0.4.376_1071 LAN Backdoor Command Execution ***
---------------------------------------------
Topic: ASUSWRT 3.0.0.4.376_1071 LAN Backdoor Command Execution Risk: High Text:#!/usr/bin/env python3 # Exploit Title: ASUSWRT 3.0.0.4.376_1071 LAN Backdoor Command Execution # Date: 2014-10-11 # Vend...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2015010009




*** USN-2450-1: strongSwan vulnerability ***
---------------------------------------------
Ubuntu Security Notice USN-2450-15th January, 2015 | strongswan vulnerability | A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.10 Ubuntu 14.04 LTS | Summary | strongSwan could be made to crash or run programs if it received specially crafted network traffic. | Software description | strongswan - IPsec VPN solution | Details | Mike Daskalakis discovered that strongSwan incorrectly handled IKEv2payloads that contained the Diffie-Hellman group 1025. A remote attackercould use this...
---------------------------------------------
http://www.ubuntu.com/usn/usn-2450-1/




*** VU#976132: Some UEFI systems do not properly secure the EFI S3 Resume Boot Path boot script ***
---------------------------------------------
Vulnerability Note VU#976132 Some UEFI systems do not properly secure the EFI S3 Resume Boot Path boot script Original Release date: 05 Jan 2015 | Last revised: 05 Jan 2015   Overview Some UEFI systems fail to properly restrict access to the boot script used by the EFI S3 Resume Boot Path, allowing an authenticated, local attacker to bypass various firmware write protections.  Description According to Rafal Wojtczuk and Corey Kallenberg of The MITRE Corporation:"During the UEFI S3 Resume...
---------------------------------------------
http://www.kb.cert.org/vuls/id/976132




*** VU#766164: Intel BIOS locking mechanism contains race condition that enables write protection bypass ***
---------------------------------------------
Vulnerability Note VU#766164 Intel BIOS locking mechanism contains race condition that enables write protection bypass Original Release date: 05 Jan 2015 | Last revised: 05 Jan 2015   Overview A race condition exists in Intel chipsets that rely solely on the BIOS_CNTL.BIOSWE and BIOS_CNTL.BLE bits as a BIOS write locking mechanism. Successful exploitation of this vulnerability may result in a bypass of this locking mechanism.  Description CWE-362: Concurrent Execution using Shared Resource with...
---------------------------------------------
http://www.kb.cert.org/vuls/id/766164




*** VU#533140: UEFI EDK1 vulnerable to buffer overflow ***
---------------------------------------------
Vulnerability Note VU#533140 UEFI EDK1 vulnerable to buffer overflow Original Release date: 05 Jan 2015 | Last revised: 05 Jan 2015   Overview The EDK1 UEFI reference implementation contains a buffer overflow vulnerability.   Description The open source EDK1 project provides a reference implementation of the Unified Extensible Firmware Interface (UEFI). Commercial UEFI implementations may incorporate portions of the EDK1 source code.According to Rafal Wojtczuk and Corey Kallenberg, a buffer...
---------------------------------------------
http://www.kb.cert.org/vuls/id/533140


More information about the Daily mailing list