[CERT-daily] Tageszusammenfassung - Freitag 15-01-2016

Fri Jan 15 18:08:39 CET 2016

=======================
= End-of-Shift report =
=======================

Timeframe:   Donnerstag 14-01-2016 18:00 − Freitag 15-01-2016 18:00
Handler:     Alexander Riepl
Co-Handler:  Stephan Richter


*** NCCIC/ICS-CERT Monitor for November-December 2015 ***
---------------------------------------------
The NCCIC/ICS-CERT Monitor for November-December 2015 is a summary of ICS-CERT activities for that period of time.
---------------------------------------------
https://ics-cert.us-cert.gov/monitors/ICS-MM201512
Download: https://ics-cert.us-cert.gov/sites/default/files/Monitors/ICS-CERT%20Monitor_Nov-Dec2015_S508C.pdf


*** Oracle Critical Patch Update - January 2016 - Pre-Release Announcement ***
---------------------------------------------
[...] This Critical Patch Update contains 248 new security vulnerability fixes across hundreds of Oracle products. Some of the vulnerabilities addressed in this Critical Patch Update affect multiple products.  Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Critical Patch Update fixes as soon as possible.
---------------------------------------------
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html


*** Creator of MegalodonHTTP DDoS Botnet Arrested ***
---------------------------------------------
Last month, the Norway police arrested five hackers accused of running the MegalodonHTTP Remote Access Trojan (RAT). The arrests came as part of the joint operation between Norway's Kripos National Criminal Investigation Service and Europol, codenamed "OP Falling sTAR." According to the United States security firm, all the five men, aged between 16 and 24 years and located in Romania,...
---------------------------------------------
https://thehackernews.com/2016/01/MegalodonHTTP-DDoS-Botnet.html


*** Kreditkartenhack bei VISA: Unter anderem A1-Kunden betroffen ***
---------------------------------------------
Ein Drittanbieter in Island wurde angegriffen - rund 2.000 A1 Visa-Kunden erhalten neue Karte
---------------------------------------------
http://derstandard.at/2000029114201


*** Updated BlackEnergy Trojan Grows More Powerful ***
---------------------------------------------
In late December, a cyberattack caused a power outage in the Ukraine, plunging hundreds of thousands of citizens into darkness for hours. Threat researchers soon confirmed that the BlackEnergy malware package, first developed in 2007, was the culprit. They also discovered that the malware has been significantly upgraded since its first release.
---------------------------------------------
https://blogs.mcafee.com/mcafee-labs/updated-blackenergy-trojan-grows-more-powerful/


*** Wieder sicher: Authentifizierungsprotokoll OAuth ***
---------------------------------------------
Angreifer sollen abermals Log-in-Daten von Nutzern abgreifen können, wenn diese sich mittels OAuth bei Online-Services anmelden. Die Schwachstellen wurden bereits geschlossen. Sicherheitsforscher attestieren dem Protokoll insgesamt eine hohe Sicherheit.
---------------------------------------------
http://heise.de/-3071639


*** Spamming Someone from PayPal ***
---------------------------------------------
Troy Hunt has identified a new spam vector. PayPal allows someone to send someone else a $0 invoice. The spam is in the notes field. But its a legitimate e-mail from PayPal, so it evades many of the traditional spam filters. Presumably it doesnt cost anything to send a $0 invoice via PayPal. Hopefully, the company will close this loophole...
---------------------------------------------
https://www.schneier.com/blog/archives/2016/01/spamming_someon.html


*** OS Xs Gatekeeper bypassed again ***
---------------------------------------------
Do you remember when, last October, Synack director of research Patrick Wardle found a simple way to evade OS Xs Gatekeeper defense mechanism by bundling up a legitimate Apple-signed app with a malic...
---------------------------------------------
http://www.net-security.org/secworld.php?id=19336


*** Advantech WebAccess Vulnerabilities ***
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01


*** Manage Engine Applications Manager 12 Multiple Vulnerabilities ***
---------------------------------------------
Applications Manager suffers from multiple vulnerabilities including XSS, CSRF and Privilege Escalation.
---------------------------------------------
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5292.php