[CERT-daily] Tageszusammenfassung - Dienstag 17-11-2015

Tue Nov 17 18:08:42 CET 2015

=======================
= End-of-Shift report =
=======================

Timeframe:   Montag 16-11-2015 18:00 − Dienstag 17-11-2015 18:00
Handler:     Robert Waldner
Co-Handler:  Stephan Richter


*** Cyber crooks actively hijacking servers with unpatched vBulletin installations ***
---------------------------------------------
Administrators of vBulletin installations would do well to install the latest vBulletin Connect updates as soon as possible, as cyber crooks are actively searching for servers running vulnerable versi...
---------------------------------------------
http://www.net-security.org/secworld.php?id=19113


*** Windows driver signing bypass by Derusbi ***
---------------------------------------------
Derusbi is an infamous piece of malware. The oldest identified version was compiled in 2008. It was used on well-known hacks such as the Mitsubishi Heavy Industries hack discovered in October 2011 or the Anthem hack discovered in 2015.
---------------------------------------------
http://www.sekoia.fr/blog/windows-driver-signing-bypass-by-derusbi/


*** Developers Are (still) From Mars, Infosec People (still) From Venus ***
---------------------------------------------
In March 2011, Brian Honan contributed to an issue of the INSECURE magazine with an article called "Management are from Mars, information security professional are from Venus". This title comes from the John Gray's worldwide bestseller where he presents the relations between men and women. Still today, we can reuse this subject for many purposes. Last week, I...
---------------------------------------------
https://blog.rootshell.be/2015/11/17/developers-mars-infosec-people-venus/


*** Why Algebraic Eraser may be the riskiest cryptosystem you've never heard of ***
---------------------------------------------
Researchers say there's a fatal flaw in proposed "Internet of things" standard.
---------------------------------------------
http://arstechnica.com/security/2015/11/why-algebraic-eraser-may-be-the-most-risky-cryptosystem-youve-never-heard-of/


*** Cyber Security Assessment Netherlands 2015: cross-border cyber security approach necessary ***
---------------------------------------------
Cybercrime and digital espionage remain the largest threat to digital security in the Netherlands. Geopolitical developments like international conflicts and political sensitivities have a major impact on the scope of this threat. These are key findings from the Cyber Security Assessment Netherlands (CSAN), presented to the House of Representatives by State Secretary Dijkhoff in October, and now available in English.
---------------------------------------------
https://www.ncsc.nl/english/current-topics/news/cyber-security-assessment-netherlands-2015.html


*** Gas- und Öl-Industrie: Leichte Ziele für Hacker ***
---------------------------------------------
Sicherheitsforscher warnen davor, dass Cyber-Kriminelle mit vergleichsweise einfachen Methoden einen Großteil der weltweiten Öl-Produktion kontrollieren könnten.
---------------------------------------------
http://heise.de/-2922912


*** Bugtraq: Open-Xchange Security Advisory 2015-11-17 ***
---------------------------------------------
PGP public keys allow to specify arbitrary "User ID" information that gets encoded to the public key and is presented to OX Guard users at "Guard PGP Settings". Public keys containing such content are still valid. Therefor they can be distributed and in case the uid field contains javascript code, they can be used to inject code.
---------------------------------------------
http://www.securityfocus.com/archive/1/536923


*** Cisco Firepower 9000 Unauthenticated File Access Vulnerability ***
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151116-firepower


*** D-Link DIR-645 UPNP Buffer Overflow ***
---------------------------------------------
Topic: D-Link DIR-645 UPNP Buffer Overflow Risk: High Text:## Advisory Information Title: Dlink DIR-645 UPNP Buffer Overflow Vendors contacted: William Brown <william.brown at dlink.com...
---------------------------------------------
https://cxsecurity.com/issue/WLB-2015110133


*** D-Link DIR-815 Buffer Overflow / Command Injection ***
---------------------------------------------
Topic: D-Link DIR-815 Buffer Overflow / Command Injection Risk: High Text:## Advisory Information Title: DIR-815 Buffer overflows and Command injection in authentication and HNAP functionalities Ve...
---------------------------------------------
https://cxsecurity.com/issue/WLB-2015110135


*** Huawei Security Notice - Statement on Seclists.org Revealing Security Vulnerability in Huawei P8 Smart Phone ***
---------------------------------------------
http://www.huawei.com/en/security/psirt/security-bulletins/security-notices/hw-462315.htm