[CERT-daily] Tageszusammenfassung - Montag 1-08-2016

Daily end-of-shift report team at cert.at
Mon Aug 1 18:03:50 CEST 2016


=======================
= End-of-Shift report =
=======================

Timeframe:   Freitag 29-07-2016 18:00 − Montag 01-08-2016 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a


*** Fake FreeDNS Used to Redirect Traffic to Malicious Sites ***
---------------------------------------------
During the last couple of days we performed a few similar cleanup requests where sites occasionally redirected visitors to malicious sites that displayed ads, spam and malicious downloads. One of our security analysts, Andrey Kucherov, ..
---------------------------------------------
https://blog.sucuri.net/2016/07/fake-freedns-used-to-redirect-traffic-to-malicious-sites.html




*** SwiftKey zeigt Vorschläge fremder Nutzer ***
---------------------------------------------
Nutzer des alternativen Smartphone-Keyboards SwiftKey haben Wortvorschläge fremder Nutzer erhalten. Neben Wörtern in anderen Sprachen sollen auch fremde E-Mail-Adressen darunter gewesen sein.
---------------------------------------------
http://heise.de/-3282177




*** DSA-3636 collectd - security update ***
---------------------------------------------
Emilien Gaspar discovered that collectd, a statistics collection andmonitoring daemon, incorrectly processed incoming networkpackets. This resulted in a heap overflow, allowing a remote attackerto either cause a DoS via application crash, or potentially executearbitrary code.
---------------------------------------------
https://www.debian.org/security/2016/dsa-3636




*** HTML-Injection-Lücke erlaubte Zertifikatsklau bei Comodo ***
---------------------------------------------
Eine Lücke im Zertifikats-Bestellsystem der Certification Authority Comodo erlaubte es Angreifern, sich SSL-Zertifikate für fremde Websites ausstellen zu lassen, was Man-in-the-middle-Lauschangriffe auf deren Traffic ermöglicht.
---------------------------------------------
http://heise.de/-3282183




*** Xen Vulnerability Allows Hackers To Escape Qubes OS VM And Own the Host ***
---------------------------------------------
Slashdot reader Noryungi writes: Qubes OS certainly has an intriguing approach to security, but a newly discovered Xen vulnerability allows a hacker to escape a VM and own the host. If you are running Qubes, make sure you update ..
---------------------------------------------
https://tech.slashdot.org/story/16/07/30/1552244/xen-vulnerability-allows-hackers-to-escape-qubes-os-vm-and-own-the-host




*** DSA-3634 redis - security update ***
---------------------------------------------
It was discovered that redis, a persistent key-value database, did notproperly protect redis-cli history files: they were created by defaultwith world-readable permissions.
---------------------------------------------
https://www.debian.org/security/2016/dsa-3634




*** Are you getting I-CANNED? ***
---------------------------------------------
One year ago, I already covered the impact that ICANNs latest money grab was having on security, see https://isc.sans.edu/forums/diary/httpsyourfakebanksupport+TLD+confusion+starts/18651/. ICANN is the organization that ..
---------------------------------------------
https://isc.sans.edu/diary.html?storyid=21323




*** Booking Calendar <= 6.2 - SQL Injection ***
---------------------------------------------
https://wpvulndb.com/vulnerabilities/8576




*** Booking Calendar <= 6.2 - Reflected Cross-Site Scripting (XSS) ***
---------------------------------------------
https://wpvulndb.com/vulnerabilities/8575




*** Pokémon GO Creators Twitter Account Hacked — Pika, Pikaaaa! ***
---------------------------------------------
Twitter account of another high-profile CEO has been hacked! This time, its Niantic CEO John Hanke, the developer behind the worlds most popular game Pokémon GO. And it ..
---------------------------------------------
https://thehackernews.com/2016/07/pokemon-go-hack.html




*** Kaspersky DDoS Intelligence Report for Q2 2016 ***
---------------------------------------------
In Q2 2016, the geography of DDoS attacks narrowed to 70 countries, with China accounting for 77.4% of attacks. In fact, 97.3% of the targeted resources were located in ..
---------------------------------------------
http://securelist.com/analysis/quarterly-malware-reports/75513/kaspersky-ddos-intelligence-report-for-q2-2016/




*** INTERPOL Arrests Business Email Compromise Scam Mastermind ***
---------------------------------------------
Business Email Compromise (BEC) attacks have proven to be an effective tactic, with criminals stealing large amounts of money from various businesses. From 2013 to 2015, BEC-related damages were estimated at US$ 2.3 billion. Targeting ..
---------------------------------------------
http://blog.trendmicro.com/trendlabs-security-intelligence/interpol-arrests-business-email-compromise-scam-mastermind/




*** Sicherheitslücke: Millionen Daten von Flugreisenden jahrelang im Internet ***
---------------------------------------------
Rechnungen, Namen und teilweise sogar die Bankdaten von Flugreisenden waren jahrelang ohne technische Hürden offen im Netz verfügbar - ohne, dass es jemandem aufgefallen wäre. Auch Kriminelle haben die Daten nach aktuellem Stand übersehen.
---------------------------------------------
http://www.golem.de/news/sicherheitsluecke-millionen-daten-von-flugreisenden-jahrelang-im-internet-1608-122453.html


More information about the Daily mailing list