[CERT-daily] Tageszusammenfassung - Dienstag 20-10-2015

Tue Oct 20 18:03:07 CEST 2015

=======================
= End-of-Shift report =
=======================

Timeframe:   Montag 19-10-2015 18:00 − Dienstag 20-10-2015 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a


*** Joomla! - Important Security Announcement - Patch Available Soon ***
---------------------------------------------
A Joomla 3.4.5 release containing a security fix will be published on Thursday 22nd October at approximately 14:00 UTC The Joomla Security Strike Team (JSST) has been informed of a critical security issue in the Joomla core. Since this is a *very important security fix*, please be prepared to update your Joomla installations next Thursday.
---------------------------------------------
https://www.joomla.org/announcements/release-news/5633-important-security-announcement-pre-release.html


*** JSA10700 - 2015-10 Security Bulletin: Junos: J-Web in SRX5000-Series: A remote attacker can cause a denial of service to SRX5000-Series when J-Web is enabled causing the SRX to enter debug prompt. (CVE-2014-6451) ***
---------------------------------------------
http://kb.juniper.net/index?page=content&id=JSA10700&actp=RSS


*** ZDI-15-525: Foxit Reader Forms Out-Of-Bounds Read Remote Code Execution Vulnerability ***
---------------------------------------------
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
---------------------------------------------
http://www.zerodayinitiative.com/advisories/ZDI-15-525/


*** ZDI-15-524: Foxit Reader Forms Out-Of-Bounds Read Remote Code Execution Vulnerability ***
---------------------------------------------
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
---------------------------------------------
http://www.zerodayinitiative.com/advisories/ZDI-15-524/


*** Lets Encrypt: Cross-Sign mit Identtrust abgeschlossen ***
---------------------------------------------
Let's Encrypt hat einen neuen Meilenstein erreicht: Der Cross-Sign mit Identtrust ist abgeschlossen. Ab Mitte November soll der Dienst für die breite Öffentlichkeit verfügbar sein.
---------------------------------------------
http://www.golem.de/news/let-s-encrypt-cross-sign-mit-identtrust-abgeschlossen-1510-116994.html


*** DSA-3375 wordpress - security update ***
---------------------------------------------
Several vulnerabilities have been fixed in Wordpress, the popularblogging engine.
---------------------------------------------
https://www.debian.org/security/2015/dsa-3375


*** Android 6.0: Verschlüsselung wird verpflichtend ***
---------------------------------------------
Einen zweiten Anlauf nimmt Google zur Absicherung von Android-Smartphones und Tablets: Mit Android 6.0 müssen – fast – alle neuen Geräte von Haus aus verschlüsselt werden, dies schreibt die neueste Version des Android Compatibility Definition Document vor.
---------------------------------------------
http://derstandard.at/2000024183416


*** Hacking ZigBee Networks ***
---------------------------------------------
What is ZigBee? Internet of Things (IoT) is what most experts consider as the next step of the Internet revolution where physical objects are invariably linked to the real and virtual world at the same time. Connected devices now ..
---------------------------------------------
http://resources.infosecinstitute.com/hacking-zigbee-networks/


*** OpenSSH: Erster Code von SSH für Windows frei verfügbar ***
---------------------------------------------
Die portable Version des aktuellen OpenSSH 7.1 stellt Microsoft nun auch für Windows bereit. Interessierte können außerdem künftig zu dem Projekt beitragen. Der produktive Einsatz soll noch in der ersten Jahreshälfte 2016 möglich sein. 
---------------------------------------------
http://www.golem.de/news/openssh-erster-code-von-ssh-fuer-windows-frei-verfuegbar-1510-117004.html


*** How a criminal ring defeated the secure chip-and-PIN credit cards ***
---------------------------------------------
Over $680,000 stolen via a clever man-in-the-middle attack.
---------------------------------------------
http://arstechnica.com/tech-policy/2015/10/how-a-criminal-ring-defeated-the-secure-chip-and-pin-credit-cards/


*** .:: Attacking Ruby on Rails Applications ::. ***
---------------------------------------------
This little article aims to give an introduction to the topic of attacking Ruby on Rails applications. Its neither complete nor dropping 0day. Its rather the authors attempt to accumulate the interesting attack paths and techniques in one write up. As yours truly spend most of his work on Ruby ..
---------------------------------------------
http://phrack.org/papers/attacking_ruby_on_rails.html


*** Korrupter Silk-Road-Ermittler zu über sechs Jahren Haft verurteilt ***
---------------------------------------------
Seine verdeckten Ermittlungen gegen den Drogenmarktplatz Silk Road nutzte ein US-Beamter für eigene kriminelle Machenschaften. Unter anderem wegen Erpressung und Geldwäsche muss er nun ins Gefängnis.
---------------------------------------------
http://heise.de/-2851334


*** Tech Support Scammers Impersonate Apple Technicians ***
---------------------------------------------
By setting up a phishing site for Apples remote sharing service, this tech support scam looks quite genuine.
---------------------------------------------
https://blog.malwarebytes.org/fraud-scam/2015/10/tech-support-scammers-impersonate-apple-technicians/


*** There's no place like ::1 - Malware for the masses ***
---------------------------------------------
Analyzing malware samples provided by customers usually leads to interesting results. Recently, an HP customer downloaded something via Microsoft Internet Explorer and provided the sample analyzed in this blog. In some cases, analysis of these types of samples provides insight into previously unknown ..
---------------------------------------------
http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/There-s-no-place-like-1-Malware-for-the-masses/ba-p/6803498


*** Das BSI nimmt sich der Router-Sicherheit an ***
---------------------------------------------
Das BSI hat ein Testkonzept vorgestellt, das die Sicherheit von Endkunden-Routern vergleichbar machen soll. Die 'wesentliche Sicherheitskomponente zum Schutz des internen Netzes' soll endlich sicher werden.
---------------------------------------------
http://heise.de/-2851354