[CERT-daily] Tageszusammenfassung - Freitag 30-01-2015

Fri Jan 30 18:06:03 CET 2015

=======================
= End-of-Shift report =
=======================

Timeframe:   Donnerstag 29-01-2015 18:00 − Freitag 30-01-2015 18:00
Handler:     Robert Waldner
Co-Handler:  Alexander Riepl


*** The Vast World of Fraudulent Routing ***
---------------------------------------------
As network security engineers have attempted to categorize blocks of IP addresses associated with spam or malware for subsequent filtering at their firewalls, the bad guys have had to evolve to continue to target their victims. Since routing ...
---------------------------------------------
http://research.dyn.com/2015/01/vast-world-of-fraudulent-routing/


*** Neue Outlook-App: Microsoft liest auch bei Firmenmails mit ***
---------------------------------------------
Neue App für Android und iOS mit zweifelhafter Funktionalität - Exchange- und iCloud-Passwörter online gespeichert
---------------------------------------------
http://derstandard.at/2000011053283


*** The Internet of Dangerous Things ***
---------------------------------------------
Distributed denial-of-service (DDoS) attacks designed to silence end users and sideline Web sites grew with alarming frequency and size last year, according to new data released this week. Those findings dovetail quite closely with ..
---------------------------------------------
http://krebsonsecurity.com/2015/01/the-internet-of-dangerous-things/


*** Microsoft Publishes Information Sharing Guidelines ***
---------------------------------------------
Microsoft publishes a framework and guidelines on how to effectively set up and operate threat information sharing exchanges in hopes that organizations will actually share data.
---------------------------------------------
http://threatpost.com/microsoft-publishes-information-sharing-guidelines/110740


*** Blubrry PowerPress <= 6.0 - Cross-Site Scripting (XSS) ***
---------------------------------------------
https://wpvulndb.com/vulnerabilities/7773


*** Honeywell HART DTM Vulnerability ***
---------------------------------------------
This advisory provides mitigation details for an improper input vulnerability in the CodeWrights GmbH HART ..
---------------------------------------------
https://ics-cert.us-cert.gov//advisories/ICSA-15-029-01


*** Multiple vulnerabilities in Cisco WebEx Meetings ***
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0597
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0596
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0595


*** D-Link routers vulnerable to DNS hijacking ***
---------------------------------------------
Todor Donev, a member of the Ethical Hacker research team, says that the vulnerability is found in the ZynOS firmware of the device, D-Links DSL-2740R ADSL modem/wireless router. The firmware in question is implemented in many networking equipment manufactured by D-Link, TP-Link Technologies and ZTE, he noted ... Donev hasnt notified D-Link of this flaw, but has released exploit code for the flaw in a security advisory.
---------------------------------------------
http://www.net-security.org/secworld.php?id=17888


*** Drei neue Versionen von Safari: Sicherheitslücken geschlossen ***
---------------------------------------------
Für OS X 10.10, OS X 10.9 und OS X 10.8 stehen Updates für den Apple-Browser zur Verfügung. Sie beheben vor allem Sicherheitslücken.
---------------------------------------------
http://heise.de/-2530322


*** Nearly half of all DDoS attacks uses multiple attack vectors ***
---------------------------------------------
Akamai released a new security report that provides analysis and insight into the global attack threat landscape including DDoS attacks. Akamai observed a 52 percent increase in average peak band...
---------------------------------------------
http://www.net-security.org/secworld.php?id=17896


*** GHOST glibc Vulnerability Affects WordPress and PHP applications ***
---------------------------------------------
... security researchers have discovered that PHP applications, including the WordPress Content Management System (CMS), could also be affected by the bug. ... According to the Sucuri researcher Marc-Alexandre Montpas, GHOST vulnerability could be a big issue for WordPress CMS, as it uses wp_http_validate_url() function to validate every pingback post URL.
---------------------------------------------
http://thehackernews.com/2015/01/ghost-linux-security-vulnerability_29.html


*** BMW-Patzer schürt Angst vor Hackerangriffen auf Autos ***
---------------------------------------------
Schwachstelle beim deutschen Autohersteller inzwischen behoben -
---------------------------------------------
http://derstandard.at/2000011080438


*** We got hacked! Now what? ***
---------------------------------------------
Almost a year ago, I experienced my first real security incident. The companys bulletin board was compromised and it was my job to oversee and coordinate the incident response. The teams and I where pretty much thrown into the cold water, as weve never experienced an incident of that size before.
---------------------------------------------
https://www.hashtagsecurity.com/we-got-hacked-now-what/


*** Vertipper-Domains als Geschäftsmodell ***
---------------------------------------------
Einer Studie zufolge können Markeninhaber kaum verhindern, dass sogenannte Typosquatter Internet-Domains registrieren, die dem eigenen Namen nur fast entsprechen.
---------------------------------------------
http://heise.de/-2533708