[CERT-daily] Tageszusammenfassung - Dienstag 23-06-2015

Tue Jun 23 18:06:51 CEST 2015

=======================
= End-of-Shift report =
=======================

Timeframe:   Montag 22-06-2015 18:00 − Dienstag 23-06-2015 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a


*** Security updates available for Adobe Flash Player (APSB15-14) ***
---------------------------------------------
A Security Bulletin (APSB15-14) has been published regarding security updates for Adobe Flash Player. These updates address a critical vulnerability (CVE-2015-3113), and Adobe recommends users update their product installations to the latest ..
---------------------------------------------
https://blogs.adobe.com/psirt/?p=1210


*** Multiple vulnerabilities in Cisco products ***
---------------------------------------------
http://tools.cisco.com/security/center/viewAlert.x?alertId=39439
http://tools.cisco.com/security/center/viewAlert.x?alertId=39440
http://tools.cisco.com/security/center/viewAlert.x?alertId=39455
http://tools.cisco.com/security/center/viewAlert.x?alertId=39457
http://tools.cisco.com/security/center/viewAlert.x?alertId=39459
http://tools.cisco.com/security/center/viewAlert.x?alertId=39460
http://tools.cisco.com/security/center/viewAlert.x?alertId=39377
http://tools.cisco.com/security/center/viewAlert.x?alertId=39458


*** �Free� Proxies Aren�t Necessarily Free ***
---------------------------------------------
Netflix, Hulu and a host of other content streaming services block non-U.S. users from viewing their content. As a result, many people residing in or traveling outside of the United States seek to circumvent such restrictions by using services that advertise "free" and "open" Web proxies capable of ..
---------------------------------------------
http://krebsonsecurity.com/2015/06/free-proxies-arent-necessarily-free


*** Security hole in MacKeeper used to shove malware onto Macs ***
---------------------------------------------
According to researchers at BAE, a recent Mac malware infestation was carried out using a security hole in a utility called MacKeeper.
---------------------------------------------
https://nakedsecurity.sophos.com/2015/06/22/security-hole-in-mackeeper-used-to-shove-malware-onto-macs/


*** New Dridex infection vector identified - Banking Trojan�s authors use Microsoft Office trick and a legitimate service to infect systems ***
---------------------------------------------
Malware authors can sometimes be creative in order to manipulate their human targets on the one hand and to circumvent security products, too. The experts of G DATA�s SecurityLabs analyzed a specially crafted Microsoft Word document ..
---------------------------------------------
https://blog.gdatasoftware.com/blog/article/new-dridex-infection-vector-identified.html


*** XOR DDOS Mitigation and Analysis, (Tue, Jun 23rd) ***
---------------------------------------------
I have struggled over the past recent months with a clients environment becoming infected and reinfected with an XOR DDOS trojan. The disruption and reinfection rates were costly at times. The client in question ..
---------------------------------------------
https://isc.sans.edu/diary.html?storyid=19827


*** This Radio Bug Can Steal Laptop Crypto Keys, Fits Inside a Pita ***
---------------------------------------------
The list of paranoia-inducing threats to your computer�s security grows daily: Keyloggers, trojans, infected USB sticks, ransomware�and now the rogue falafel sandwich.
---------------------------------------------
http://www.wired.com/2015/06/radio-bug-can-steal-laptop-crypto-keys-fits-inside-pita/


*** mTAN-Trojaner hat es erneut auf Android-Nutzer abgesehen ***
---------------------------------------------
Gefälschte E-Mails im Namen der Postbank machen aktuell die Runde und fordern Nutzer dazu auf, eine SSL-Zertifikat-App zu installieren. Dahinter verbirgt sich jedoch ein Trojaner, der unter anderem mTANs für Online-Banking mitschneidet. 
---------------------------------------------
http://heise.de/-2721682


*** Moose Malware-Part 1 ***
---------------------------------------------
In this article series, we will learn about a famous Linux family of malware known as MOOSE, which is used to steal unencrypted traffic over the wire and infect other devices automatically. This malware steals HTTP cookies and performs ..
---------------------------------------------
http://resources.infosecinstitute.com/moose-malware-part-1/


*** Edges for file renames and process kills. ***
---------------------------------------------
With build 47 ProcDOT introduced brand new edges to visualize situations where a file is being renamed or a process is being killed by some thread. While the latter was quite easy to implement it�s the renaming of files which stands out of the mass of typical frames/events in terms of ProcDOT�s animation capabilities.
---------------------------------------------
http://procdot.com/blog_20150623.htm


*** Support-Ende beim Windows Server 2003 am 14. Juli ***
---------------------------------------------
Länger als Windows XP hat Microsoft sein Server-Betriebssystem derselben Generation mit Sicherheits-Updates versorgt. Aber am 14. Juli ist damit endgültig Schluss. 
---------------------------------------------
http://www.heise.de/newsticker/meldung/Support-Ende-beim-Windows-Server-2003-am-14-Juli-2722123.html