[CERT-daily] Tageszusammenfassung - Freitag 10-07-2015

Fri Jul 10 18:06:13 CEST 2015

=======================
= End-of-Shift report =
=======================

Timeframe:   Donnerstag 09-07-2015 18:00 − Freitag 10-07-2015 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a


*** Multiple vulnerabilities in Cisco TelePresence products ***
---------------------------------------------
http://tools.cisco.com/security/center/viewAlert.x?alertId=39798
http://tools.cisco.com/security/center/viewAlert.x?alertId=39802
http://tools.cisco.com/security/center/viewAlert.x?alertId=39801
http://tools.cisco.com/security/center/viewAlert.x?alertId=39795
http://tools.cisco.com/security/center/viewAlert.x?alertId=39796
http://tools.cisco.com/security/center/viewAlert.x?alertId=39800
http://tools.cisco.com/security/center/viewAlert.x?alertId=39797


*** VMSA-2015-0005 ***
---------------------------------------------
VMware Workstation, Player and Horizon View Client for Windows do not set a discretionary access control list (DACL) for one of their processes. This may allow a local attacker to elevate their privileges and execute code in the security context of the affected process.
---------------------------------------------
http://www.vmware.com/security/advisories/VMSA-2015-0005.html


*** The Massive OPM Hack Actually Hit 21 Million People ***
---------------------------------------------
The massive hack that struck the US Office of Personnel Management affected some 21.5 million people, all of them people who had information stolen about them from a backgrounds investigation database used for evaluating people who sought classified clearances from the government.
---------------------------------------------
http://www.wired.com/2015/07/massive-opm-hack-actually-affected-25-million/


*** Yubikeys Zwei-Faktor-Authentifizierung unter Linux nutzen ***
---------------------------------------------
Mit Hilfe des Yubikeys lässt sich eine verschlüsselte Systempartition unter Linux zusätzlich per Zwei-Faktor-Authentifizierung absichern. In dieser Kombination kann auch ein bequemeres Kennwort genutzt werden. 
---------------------------------------------
http://www.golem.de/news/systemverschluesselung-yubikeys-zwei-faktor-authentifizierung-unter-linux-nutzen-1507-115155.html


*** Magento-Patch: Update soll Kundendaten-Leck stopfen ***
---------------------------------------------
Im Shop-System Magento klaffen Lücken, die es Angreifern erlauben, Admin-Konten zu kapern und Kundendaten auszulesen. Der Hersteller hat jetzt einen Patch veröffentlicht, der Abhilfe schaffen soll.
---------------------------------------------
http://heise.de/-2747984


*** Hacking Team Shows the World How Not to Stockpile Exploits ***
---------------------------------------------
Bank robber Willie Sutton’s famous line about why he robs banks—“because that’s where the money is”—was particularly apt this week after the Italian firm Hacking Team was hacked and at least two zero-day exploits the firm possessed were spilled to the public, along with about 400 gigabytes of company emails and other data.
---------------------------------------------
http://www.wired.com/2015/07/hacking-team-shows-world-not-stockpile-exploits/


*** Rootkits: User Mode & Kernel Mode - Part 1 ***
---------------------------------------------
In this article, we will learn about what rootkits are and how they operate. The focus will be on two types of Rootkits exploits: User Mode & Kernel Mode, what are the various ways in which rootkits exploit in both modes. In this Part we will learn ..
---------------------------------------------
http://resources.infosecinstitute.com/rootkits-user-mode-kernel-mode-part-1/


*** Programmier-Tipps für die BIOS-Backdoor ***
---------------------------------------------
Der Hacker Cr4sh erklärt, wie er eine Hintertür in die UEFI-Firmware eines Intel-Mainboards einbaut. Dabei zeigen sich einmal mehr kritische Lücken in der x86-Plattform, vor allem beim System Management Mode.
---------------------------------------------
http://heise.de/-2748219