[CERT-daily] Tageszusammenfassung - Dienstag 12-05-2015

Tue May 12 18:04:20 CEST 2015

=======================
= End-of-Shift report =
=======================

Timeframe:   Montag 11-05-2015 18:00 − Dienstag 12-05-2015 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a


*** Steganography and Malware: Concealing Code and C&C Traffic ***
---------------------------------------------
In our earlier post discussing steganography, I discussed how it is now being used to hide configuration data by malware attackers. Let's go discuss this subject another facet of this topic in this post: how actual malware code is hidden in similar ways. Security analysts will probably throw their hands up in the air and say, 'we've ..
---------------------------------------------
http://blog.trendmicro.com/trendlabs-security-intelligence/steganography-and-malware-concealing-code-and-cc-traffic/


*** Add GitHub dorking to list of security concerns ***
---------------------------------------------
One of the big lessons that weve learned in the last 10 years is that even little pieces of once disparate data, gathered in a single location, can yield startling truths. With Facebook, that lesson crystallized with the introduction of its Graph Search feature in 2013, when the online world ..
---------------------------------------------
http://www.csoonline.com/article/2921177/application-security/add-github-dorking-to-list-of-security-concerns.html


*** Golem.de-Test mit Kaspersky: So sicher sind Fototerminals und Copyshops ***
---------------------------------------------
Wie gefährlich ist es, mit beschreibbaren USB-Sticks und SD-Karten Fotos und Dateien ausdrucken zu lassen? Golem.de hat zusammen mit dem Sicherheitsunternehmen Kaspersky getestet, ob auch Windows-XP-Terminals ohne Virenscanner sicher sind. 
---------------------------------------------
http://www.golem.de/news/golem-de-test-mit-kaspersky-so-sicher-sind-fototerminals-und-copyshops-1505-113981.html


*** Verschlüsselte OSGP-Kommunikation von Smart Metern leicht belauschbar ***
---------------------------------------------
Wenn Geräte im Smart Grid Informationen austauschen, könnten Angreifer trotz Krypto-Einsatz zumindest beim Standard Open Smart Grid Protocol Daten abgreifen. Sicherheitsforscher machen dafür das schwache Protokoll verantwortlich. 
---------------------------------------------
http://heise.de/-2642228


*** The State of ASLR on Android Lollipop ***
---------------------------------------------
Modern platforms like Android devices enforce execute protections on memory, so injecting code into the process is often no longer the lowest hanging fruit for exploitation. Reusing the existing code and data has become the norm, and statistical defense via Address-Space Layout randomization is still the only widely available ..
---------------------------------------------
https://copperhead.co/2015/05/11/aslr-android-zygote


*** How secure will our data be in the post-quantum era? ***
---------------------------------------------
Build your security for the next 50 years. If the speed of processing doubles every two years, make sure your cryptographic systems can't be brute forced in 50 years. If you use 2048 bit RSA, it will take some quadrillion years to break it. Good enough, right?
---------------------------------------------
https://medium.com/@amarchenkova/how-secure-will-our-data-be-in-the-post-quantum-era-6a7f444ce7d5


*** Bublik Trojan - Variant Evolves with New Features ***
---------------------------------------------
While there are many similar types of malware in use today, Bublik is being used for malicious activity and appears to be under active development, suggesting that its creators have paying customers. Because security involves a dynamic interaction ..
---------------------------------------------
http://www.isightpartners.com/2015/05/bublik-trojan-variant-evolves-with-new-features/