[CERT-daily] Tageszusammenfassung - Dienstag 10-11-2015

Tue Nov 10 18:08:40 CET 2015

=======================
= End-of-Shift report =
=======================

Timeframe:   Montag 09-11-2015 18:00 − Dienstag 10-11-2015 18:00
Handler:     Robert Waldner
Co-Handler:  Stephan Richter


*** The Internet of Bad Things, Observed ***
---------------------------------------------
In his VB2015 keynote address, Ross Anderson described attacks against EMV cards.The VB2015 opening keynote by Ross Anderson could hardly have been more timely. In his talk "The Internet of Bad Things, Observed", the Cambridge professor looked at various attacks against the EMV standard for payment cards - attacks that have been used to steal real money from real people.Such cards, often called chip-and-PIN or chip-and-signature, are generally seen as better protected against...
---------------------------------------------
http://www.virusbtn.com/blog/2015/11_10.xml?rss


*** Linux.Encoder.1: Ransomware greift Magento-Nutzer an ***
---------------------------------------------
Eine Malware für Linux verschlüsselt zurzeit die Daten von Nutzern des Magento-Shopsystems. Für die Entschlüsselung sollen die Opfer zahlen, doch die Angreifer haben geschlampt: Die Verschlüsselung lässt sich knacken.
---------------------------------------------
http://www.golem.de/news/linux-encoder-1-ransomware-greift-magento-nutzer-an-1511-117388-rss.html


*** Comodo fixes bug, revokes banned certificates ***
---------------------------------------------
After reporting last week that it had issued banned certificates that could facilitate man in the middle (MitM) attacks, Comodo has fixed the "subtle bug" that the companys Senior Research and Development Scientist Rob Stradling wrote prompted the problem.
---------------------------------------------
http://www.scmagazine.com/comodo-fixes-bug-revokes-banned-certificates/article/452878/


*** Proof-of-concept threat is reminder OS X is not immune to crypto ransomware ***
---------------------------------------------
Symantec analysis confirms that in the wrong hands, Mabouia ransomware could be used to attack Macs.      Twitter Card Style:  summary  Analysis by Symantec has confirmed that the proof-of-concept (PoC) threat known as Mabouia works as described and could be used to create functional OS X crypto ransomware if it fell into the wrong hands.read more
---------------------------------------------
http://www.symantec.com/connect/blogs/proof-concept-threat-reminder-os-x-not-immune-crypto-ransomware


*** Protecting Users and Enterprises from the Mobile Malware Threat, (Mon, Nov 9th) ***
---------------------------------------------
With recent news of mobile malicious adware that roots smartphones, attention is again being paid to mobile security and the malware threat that is posed to it. While mobile ransomware is also a pervasive and growing threat, there are mobile RATs (such as JSocket and OmniRAT) that are also able to take full remote control of mobile devices. Some of the functionality of those tolls includes the ability to use the microphone to listen in on victims and to view whatever is in front of the camera...
---------------------------------------------
https://isc.sans.edu/diary.html?storyid=20355&rss


*** Cisco Connected Grid Network Management System Privilege Escalation Vulnerability ***
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151109-cg-nms


*** Citrix XenServer Security Update for CVE-2015-5307 and CVE-2015-8104 ***
---------------------------------------------
A security vulnerability has been identified in Citrix XenServer that may allow a malicious administrator of an HVM guest VM to crash the host. ...
---------------------------------------------
http://support.citrix.com/article/CTX202583


*** PowerDNS Security Advisory 2015-03: Packet parsing bug can lead to crashes ***
---------------------------------------------
A bug was found using afl-fuzz in our packet parsing code. This bug, when exploited, causes an assertion error and consequent termination of the the pdns_server process, causing a Denial of Service. ... PowerDNS Authoritative Server 3.4.4 - 3.4.6 are affected. No other versions are affected. The PowerDNS Recursor is not affected.
---------------------------------------------
https://doc.powerdns.com/md/security/powerdns-advisory-2015-03/