[CERT-daily] Tageszusammenfassung - Samstag 24-12-2016

Sat Dec 24 11:13:15 CET 2016

=======================
= End-of-Shift report =
=======================

Timeframe:   Donnerstag 22-12-2016 18:00 − Freitag 23-12-2016 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a


*** Litauen entdeckt russische Spionage-Software auf Regierungsrechnern ***
---------------------------------------------
Schadsoftware wurde offenbar mittels infizierter USB-Sticks auf die Computer eingebracht
---------------------------------------------
http://derstandard.at/2000049749836


*** So somebody is throwing HTML at your sshd. What to do? ***
---------------------------------------------
Yes, its exactly as wrong as it sounds. Heres a distraction with bizarre twists for the true log file junkies among you. Happy reading for the holidays!As will probably not surprise ..
---------------------------------------------
http://bsdly.blogspot.com/2016/12/so-somebody-is-throwing-html-at-your.html


*** Cerber Ransomware Doesnt Delete Shadow Volume Copies Anymore, Prioritizes Office Docs ***
---------------------------------------------
Recent versions of the Cerber ransomware are behaving somewhat different from older variants, with the ransomware ..
---------------------------------------------
https://www.bleepingcomputer.com/news/security/cerber-ransomware-doesnt-delete-shadow-volume-copies-anymore-prioritizes-office-docs/


*** Before You Pay that Ransomware Demand… ***
---------------------------------------------
A decade ago, if a desktop computer got infected with malware the chief symptom probably was an intrusive browser toolbar of some kind. Five years ago you were more likely to whacked ..
---------------------------------------------
https://krebsonsecurity.com/2016/12/before-you-pay-that-ransomware-demand/


*** Steganalysis, the Counterpart of Steganography ***
---------------------------------------------
In my last blog post I discussed the art of embedding secret messages in any file so that only the sender and the receiver ..
---------------------------------------------
https://www.trustwave.com/Resources/SpiderLabs-Blog/Steganalysis,-the-Counterpart-of-Steganography/


*** New Guide to Fixing Google Blacklist Warnings ***
---------------------------------------------
One of the worst experiences a website owner can have is being blacklisted by Google. If you are one of the 10,000 websites that has been slapped with a ..
---------------------------------------------
https://blog.sucuri.net/2016/12/guide-to-fix-site-warnings.html


*** Fidelix FX-20 Series Controllers Path Traversal Vulnerability ***
---------------------------------------------
This advisory contains mitigation details for a path traversal vulnerability in Fidelix FX-20 series controllers.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-16-357-01


*** WAGO Ethernet Web-based Management Authentication Bypass Vulnerability ***
---------------------------------------------
This advisory contains mitigation details for an authentication bypass vulnerability in WAGO’s Ethernet Web-based Management products.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-16-357-02


*** Your password expiry policy may have reached its expiry date ***
---------------------------------------------
In cyber security as much as anywhere else, its important to use the right tools for the job at hand. However, sometimes we can get a bit too attached to particular tools, ..
---------------------------------------------
https://www.ncsc.gov.uk/blog-post/your-password-expiry-policy-may-have-reached-its-expiry-date


*** As Bitcoin Price Surges, Phishing Attacks on Cryptocurrency Wallets Intensify ***
---------------------------------------------
Bitcoin price surge reverberates through cybercriminal landscape, as cyber-criminals ramp up phishing attacks ..
---------------------------------------------
https://www.bleepingcomputer.com/news/security/as-bitcoin-price-surges-phishing-attacks-on-cryptocurrency-wallets-intensify/


*** Using Monitor Resolution as Obfuscation Technique ***
---------------------------------------------
A quick blog post about a malicious VBScript macro that I analysed. Bad guys have always plenty of ..
---------------------------------------------
https://blog.rootshell.be/2016/12/23/using-monitor-resolution-obfuscation-technique/


*** Keine Belege für geplante russische Cyberangriffe auf die Bundestagswahl ***
---------------------------------------------
http://derstandard.at/2000049777463


*** Drastische Warnungen vor dem "Internet der Dildos" ***
---------------------------------------------
Neue Gruppe will auf Gefahren durch smarte Sexspielzeuge aufmerksam machen
---------------------------------------------
http://derstandard.at/2000049785388


*** Alle Jahre wieder: Netgear-Router N300 / WNR2000 angreifbar ***
---------------------------------------------
Eine Zero-Day-Lücke plagt mal wieder Router von Netgear. Das verwundbare Modell ist in der Vergangenheit auch schon Opfer gravierender Lücken geworden.
---------------------------------------------
https://heise.de/-3581275


*** Koolova Ransomware Decrypts for Free if you Read Two Articles about Ransomware ***
---------------------------------------------
A new in-development variant of the Koolova Ransomware has been discovered that will decrypt your ..
---------------------------------------------
https://www.bleepingcomputer.com/news/security/koolova-ransomware-decrypts-for-free-if-you-read-two-articles-about-ransomware/


Aufgrund des Feiertages am Montag, den 26.12.2016, erscheint der nächste End-of-Shift-Report erst am Dienstag, den 27.12.2016