[CERT-daily] Tageszusammenfassung - Mittwoch 29-07-2015

Wed Jul 29 18:04:37 CEST 2015

=======================
= End-of-Shift report =
=======================

Timeframe:   Dienstag 28-07-2015 18:00 − Mittwoch 29-07-2015 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a


*** New RC4 Attack ***
---------------------------------------------
New research: "All Your Biases Belong To Us: Breaking RC4 in WPA-TKIP and TLS," by Mathy Vanhoef and Frank Piessens: Abstract: We present new biases in RC4, break the Wi-Fi Protected Access Temporal Key Integrity Protocol (WPA-TKIP), and design a practical ..
---------------------------------------------
https://www.schneier.com/blog/archives/2015/07/new_rc4_attack_1.html


*** Cisco UCS Central Software File Access Vulnerability ***
---------------------------------------------
http://tools.cisco.com/security/center/viewAlert.x?alertId=40151


*** Cisco AnyConnect Secure Mobility Client Local Denial of Service Vulnerability ***
---------------------------------------------
http://tools.cisco.com/security/center/viewAlert.x?alertId=40176


*** SweetCAPTCHA Returns Hijacking Another Plugin ***
---------------------------------------------
Yesterday we observed a strange short return of the SweetCaptcha plugin to WordPress.org repository. In June we reported that SweetCaptcha injected third-party ad code to their scripts which lead to malvertising problems on the ..
---------------------------------------------
https://blog.sucuri.net/2015/07/sweetcaptcha-returns-hijacking-another-plugin.html


*** CVE-2015-5477: An error in handling TKEY queries can cause named to exit with a REQUIRE assertion failure ***
---------------------------------------------
An error in the handling of TKEY queries can be exploited by an attacker for use as a denial-of-service vector, as a constructed packet can use the defect to trigger a REQUIRE assertion failure, causing BIND to exit.
---------------------------------------------
https://kb.isc.org/article/AA-01272


*** Trend Micro Discovers Vulnerability That Renders Android Devices Silent ***
---------------------------------------------
We have discovered a vulnerability in Android that can render a phone apparently dead - silent, unable to make calls, with a lifeless screen. This vulnerability is present from Android 4.3 (Jelly Bean) up to the current version, Android ..
---------------------------------------------
http://blog.trendmicro.com/trendlabs-security-intelligence/trend-micro-discovers-vulnerability-that-renders-android-devices-silent/


*** Hackers Can Disable a Sniper Rifle - Or Change Its Target ***
---------------------------------------------
If a hacker attacks your TrackingPoint smart gun over its Wi-Fi connection, you may find the weapon is aiming at a different target than you think.
---------------------------------------------
http://www.wired.com/2015/07/hackers-can-disable-sniper-rifleor-change-target/


*** Eigene Keys zum Verschlüsseln der Google Cloud Platform ***
---------------------------------------------
Nutzer der Google Cloud Platform können ihre Umgebung nun mit eigenen Keys verschlüsseln. So sollen weder Betreiber noch Externe Zugriff auf die Daten erhalten.
---------------------------------------------
http://heise.de/-2764751


*** Phishing: Betrüger zocken Nutzer mit "WhatsApp Gold" ab ***
---------------------------------------------
Fake-Angebot lockt mit "besserer Audioqualität" und größeren Gruppen – bringt aber nur Werbung
---------------------------------------------
http://derstandard.at/2000019919056


*** A third of workers admit theyd leak sensitive biz data for peanuts ***
---------------------------------------------
And three per cent of employees would consider offers as low as 100 pound. A third of employees would sell information on company patents, financial records and customer credit card details ..
---------------------------------------------
www.theregister.co.uk/2015/07/29/third_workers_would_leak_data_cash/


*** Die Git-Stolperfalle: Viele Webseiten geben sensible Daten preis ***
---------------------------------------------
Wenn Web-Admins beim Hochladen von Projekten nicht aufpassen, stellen sie unter Umständen ohne es mitzubekommen Passwort-Datenbanken und weitere schützenswerte Daten zum Abruf für jedermann bereit. 
---------------------------------------------
http://heise.de/-2764756


*** Remote code execution via serialized data ***
---------------------------------------------
Most programming languages contain powerful features, that used correctly are incredibly powerful, but used incorrectly can be incredibly dangerous. Serialization (and deserialization) is one such feature available in most modern programming ..
---------------------------------------------
https://securityblog.redhat.com/2015/07/29/remote-code-execution-via-serialized-data/


*** Analyzing VUPEN's CVE-2012-1856 ***
---------------------------------------------
Quite some time ago (more than a year before the HackingTeam leaks) I came across a number of interesting exploit samples that make use of CVE-2012-1856. With the recent HackingTeam leaks a ..
---------------------------------------------
http://blog.ropchain.com/2015/07/27/analyzing-vupens-cve-2012-1856/


*** Sicherheitsupdate von Chrysler gefährlicher als Hack ***
---------------------------------------------
Zum Schließen einer Sicherheitslücke, die eine Fernsteuerung des Autos ermöglichen könnte, bot Chrysler den Download von ".exe"- und ".zip"-Dateien für die Autoelektronik an.
---------------------------------------------
http://fm4.orf.at/stories/1761148/


*** Windows 10 Shares Your Wi-Fi With Contacts ***
---------------------------------------------
Starting today, Microsoft is offering most Windows 7 and Windows 8 users a free upgrade to the software giants latest operating system -- Windows 10. But theres a very important security caveat that users should know about before transitioning to the ..
---------------------------------------------
http://krebsonsecurity.com/2015/07/windows-10-shares-your-wi-fi-with-contacts/