[CERT-daily] Daily Summary - Wednesday 17-02-2016

Daily end-of-shift report team at cert.at
Wed Feb 17 18:03:08 CET 2016


=======================
= End-of-Shift report =
=======================

Timeframe:   Tuesday 16-02-2016 18:00 − Wednesday 17-02-2016 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a



*** Cisco 1000 Series Connected Grid Routers SNMP BRIDGE MIB Denial of Service Vulnerability ***
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160216-grid




*** Stuxnet as the first act: USA wanted to paralyze Iran with a cyberattack ***
---------------------------------------------
Secret project "Nitro Zeus" was meant to destroy infrastructure, along with detailed plans against a nuclear facility ..
---------------------------------------------
http://derstandard.at/2000031233923




*** Machine learning: Artificial neural networks make password cracking easier ***
---------------------------------------------
A proof of concept shows that artificial neural networks, with some training, can be used to crack passwords. Even with fairly complex ones this works surprisingly well.
---------------------------------------------
http://www.golem.de/news/machine-learning-kuenstliche-neuronale-netzwerke-erleichtern-passwortcracking-1602-119145.html




*** Pwning CCTV cameras ***
---------------------------------------------
CCTV is ubiquitous in the UK. A recent study estimates there are about 1.85m cameras across the UK - most in private premises. Most of those cameras will be connected to some kind of recording device, which these days means a Digital Video Recorder or DVR.
---------------------------------------------
https://www.pentestpartners.com/blog/pwning-cctv-cameras/




*** Court order to unlock iPhone: Apple CEO Tim Cook resists ***
---------------------------------------------
Tim Cook has, unusually, addressed customers in an open letter. In it he explains why the company refuses to help the FBI in its investigation with a backdoor.
---------------------------------------------
http://heise.de/-3107769




*** Devastating bug endangers almost all Linux systems ***
---------------------------------------------
Bug in glibc can be exploited to inject code - update strongly recommended
---------------------------------------------
http://derstandard.at/2000031281408




*** Linux Fysbis Trojan, a new weapon in the Pawn Storm's arsenal ***
---------------------------------------------
Malware researchers at Palo Alto discovered the Fysbis Trojan, a simple and effective Linux threat used by the Russian cyberspy group Pawn Storm. Do you remember the Pawn Storm hacking crew? Security experts have identified this group of Russian hackers with several names, including ..
---------------------------------------------
http://securityaffairs.co/wordpress/44551/hacking/pawn-storm-linux-fysbis-trojan.html




*** Mazar: Researchers warn of powerful Android malware ***
---------------------------------------------
Uses the Tor network to cover its tracks - can take full control, but needs plenty of cooperation from the user
---------------------------------------------
http://derstandard.at/2000031296473




*** OceanLotus for OS X - an Application Bundle Pretending to be an Adobe Flash Update ***
---------------------------------------------
In May 2015, researchers at Qihoo 360 published a report on OceanLotus that included details about malware targeting Chinese infrastructure. In that report, there is a description about a piece of malware that targets OS X systems. A sample of that malware was uploaded to VirusTotal a few months ..
---------------------------------------------
https://www.alienvault.com/open-threat-exchange/blog/oceanlotus-for-os-x-an-application-bundle-pretending-to-be-an-adobe-flash-update




*** [HTB23284]: RCE via CSRF in osCommerce ***
---------------------------------------------
High-Tech Bridge Security Research Lab discovered a vulnerability in the popular e-commerce software osCommerce with 280,000 store owners (according to the vendor). The vulnerability can be exploited to execute arbitrary PHP code on the remote system, compromise the vulnerable web application, its database and even the web server and related environment.
---------------------------------------------
https://www.htbridge.com/advisory/HTB23284




*** [HTB23291]: SQL Injection in webSPELL ***
---------------------------------------------
High-Tech Bridge Security Research Lab discovered two vulnerabilities in the popular CMS webSPELL, developed for the needs of esport-related communities. The vulnerability allows a remote authenticated attacker with cashbox access privileges to execute arbitrary SQL commands ..
---------------------------------------------
https://www.htbridge.com/advisory/HTB23291




*** The Dridex Banking Trojan ***
---------------------------------------------
Dridex is a generation of banking trojans, one of the most prominent threats for companies. A banking trojan basically is malicious software (malware) that tries to obtain confidential information from your computer system, targeting specifically online banking and payment systems. The Dridex trojan is equipped to steal all data necessary for fraudulent activities.
---------------------------------------------
http://www.techknow.one/forum/index.php?topic=9346





