[CERT-daily] Daily summary - Tuesday 26-05-2015

Daily end-of-shift report team at cert.at
Tue May 26 18:15:00 CEST 2015


=======================
= End-of-Shift report =
=======================

Timeframe:   Friday 22-05-2015 18:00 − Tuesday 26-05-2015 18:00
Handler:     Robert Waldner
Co-Handler:  Stephan Richter




*** Annual Privacy Forum 2015: Call for Papers and latest news ***
---------------------------------------------
The Annual Privacy Forum (APF) meeting will be taking place on the 7th and 8th of October 2015 in Luxembourg, during its Presidency of the Council of the EU.  This year, the main focus of the APF will be on privacy of electronic communications.
Current open calls:...
---------------------------------------------
http://www.enisa.europa.eu/media/news-items/annual-privacy-forum-2015-call-for-papers-and-latest-news




*** Securing Web APIs: The Basics with Node.js Examples ***
---------------------------------------------
Introduction: Public-facing APIs have tremendously increased in the last couple of years. Businesses have seen that sharing their business data with the public can be beneficial. There are many reasons for this: such as the fact that it allows the API users to create something new and interesting with the shared data, and that APIs...
---------------------------------------------
http://resources.infosecinstitute.com/securing-web-apis-the-basics-with-node-js-examples/




*** Android: Keys are not deleted on factory-reset smartphones ***
---------------------------------------------
Data can be recovered from factory-reset Android smartphones, even from devices that were encrypted beforehand. There is little users can do about it.
---------------------------------------------
http://www.golem.de/news/android-schluessel-werden-auf-zurueckgesetzten-smartphones-nicht-geloescht-1505-114238-rss.html




*** Recent Breaches a Boon to Extortionists ***
---------------------------------------------
The recent breaches involving the leak of personal data on millions of customers at online hookup site Adult Friend Finder and mobile spyware maker mSpy give extortionists and blackmailers plenty of ammunition with which to ply their trade. And there is some evidence that ne'er-do-wells are actively trading this data and planning to abuse it for financial gain.
---------------------------------------------
http://feedproxy.google.com/~r/KrebsOnSecurity/~3/spK0KOTLf64/




*** Travel smart: Tips for staying secure on the road ***
---------------------------------------------
Cybercriminals don't take vacations. In fact, they feast on tourists and travelers, taking advantage of people when their guards are down or when they're distracted by other pursuits. Wombat Security Technologies pulled together four essential tips from our security awareness and training materials that you can use to stay safe when you travel.
---------------------------------------------
http://www.net-security.org/secworld.php?id=18421




*** How to Pass-the-Hash with Mimikatz ***
---------------------------------------------
A hidden gem in mimikatz is its ability to create a trust relationship from a username and password hash.
---------------------------------------------
http://blog.cobaltstrike.com/2015/05/21/how-to-pass-the-hash-with-mimikatz/




*** Windows Functions in Malware Analysis - Cheat Sheet - Part 1 ***
---------------------------------------------
In this article, we will learn briefly about the various Windows functions commonly encountered by malware analysts. Windows functions: Accept: This function is used to listen for incoming connections. This function indicates that the program will listen for incoming connections on a socket. It is mostly used by malware to communicate with their Command and...
---------------------------------------------
http://resources.infosecinstitute.com/windows-functions-in-malware-analysis-cheat-sheet-part-1/




*** Exploit kit attacks more than 50 router models ***
---------------------------------------------
Anyone running an insecurely configured router could soon run into trouble: a virus researcher has discovered an exploit kit that can attack numerous router models from well-known manufacturers.
---------------------------------------------
http://heise.de/-2665387




*** How often should companies conduct web penetration testing? ***
---------------------------------------------
Following our previous blog post "How long does website penetration testing take" we received a lot of questions from our customers and partners about the recommended frequency of penetration testing for their web applications. In this blog post we will answer that question.
---------------------------------------------
https://www.htbridge.com/blog/how_often_conduct_web_penetration_testing.html




*** Cisco Unified Communications Manager Multiple Vulnerabilities ***
---------------------------------------------
http://tools.cisco.com/security/center/viewAlert.x?alertId=38964




*** Cisco HCS Administrative Web Interface Arbitrary Command Execution Vulnerability ***
---------------------------------------------
http://tools.cisco.com/security/center/viewAlert.x?alertId=38969




*** IBM Security Bulletins ***
---------------------------------------------
https://www-304.ibm.com/connections/blogs/PSIRT/?lang=en_us




*** PostgreSQL Bugs Let Remote Users Deny Service and Obtain Potentially Sensitive Information ***
---------------------------------------------
http://www.securitytracker.com/id/1032396




*** Cacti Input Validation Flaw in graph.php Lets Remote Authenticated Users Inject SQL Commands ***
---------------------------------------------
http://www.securitytracker.com/id/1032385




*** VU#551972: Synology Cloud Station sync client for OS X allows regular users to claim ownership of system files ***
---------------------------------------------
Vulnerability Note VU#551972: Synology Cloud Station sync client for OS X allows regular users to claim ownership of system files. Original release date: 26 May 2015 | Last revised: 26 May 2015. Overview: The Synology Cloud Station sync client for OS X contains a setuid root executable that allows regular users to claim ownership of system files. Description: CWE-276: Incorrect Default Permissions - CVE-2015-2851. The Synology Cloud Station sync client for OS X contains an executable named
---------------------------------------------
http://www.kb.cert.org/vuls/id/551972




*** Bugtraq: Synology Photo Station multiple Cross-Site Scripting vulnerabilities ***
---------------------------------------------
http://www.securityfocus.com/archive/1/535607




*** Bugtraq: Reflected Cross-Site Scripting in Synology DiskStation Manager ***
---------------------------------------------
http://www.securityfocus.com/archive/1/535606




*** Bugtraq: Command injection vulnerability in Synology Photo Station ***
---------------------------------------------
http://www.securityfocus.com/archive/1/535605




*** HP SiteScope Unspecified Flaw Lets Remote Authenticated Users Gain Elevated Privileges ***
---------------------------------------------
http://www.securitytracker.com/id/1032395




*** GigPress <= 2.3.8 - Authenticated SQL Injection ***
---------------------------------------------
https://wpvulndb.com/vulnerabilities/8003




*** NewStatPress 0.9.8 - XSS and SQL Injection ***
---------------------------------------------
https://wpvulndb.com/vulnerabilities/8004

