[CERT-daily] Tageszusammenfassung - Mittwoch 20-07-2016

Wed Jul 20 18:01:34 CEST 2016

=======================
= End-of-Shift report =
=======================

Timeframe:   Dienstag 19-07-2016 18:00 − Mittwoch 20-07-2016 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a


*** DDoS trends: Bigger, badder but not longer ***
---------------------------------------------
10Gbps is the new norm, warns Arbor Networks DDoS attacks once again escalated in both size and frequency during the first six months of 2016.
---------------------------------------------
www.theregister.co.uk/2016/07/19/ddos_sitrep/


*** Critical Patch Update - July 2016 ***
---------------------------------------------
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html


*** Solaris Third Party Bulletin - July 2016 ***
---------------------------------------------
http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html


*** Oracle Linux Bulletin - July 2016 ***
---------------------------------------------
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html


*** Oracle VM Server for x86 Bulletin - July 2016 ***
---------------------------------------------
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html


*** ASN.1 Anyone? CVE-2016-5080, (Tue, Jul 19th) ***
---------------------------------------------
*Queue Back to the Future Music* Over more than a decade ago there was a major discovery in ASN.1 that contributed to arguably one of the worst vulnerabilities in a long time. Fast forward *Queue awful fast forward tape music* to ..
---------------------------------------------
https://isc.sans.edu/diary.html?storyid=21277


*** WordPress admin? Thinking of spending time with the family? Think again ***
---------------------------------------------
P0wnage party pops plugins, providing plenty of party-pooping projects The Dutch hacking communitys Summer of Pwnage (SoP) has disclosed three vulnerabilities in WordPress plugins, including an XSS in the popular Ninja Forms.
---------------------------------------------
www.theregister.co.uk/2016/07/20/wordpress_admin_thinking_of_spending_time_with_the_family_think_again/


*** Flaws found in security products from AVG, Symantec and McAfee ***
---------------------------------------------
Patch frenzy imminent, say researchers, thanks to bad use of code hooking Hundreds of security products may not be up the job, researchers say, thanks to flawed uses of code hooking.…
---------------------------------------------
www.theregister.co.uk/2016/07/20/hooks_cooked_hackers_crack_tonnes_of_security_apps_for_new_cloak_yoke


*** Ruining the Magic of Magentos Encryption Library ***
---------------------------------------------
Lets look at how Magento implements cryptography, with a series of exhibits followed by an explanation of whats happening and why its dangerous: ... If you looked at the code, I promise this is every bit as bad as it looks at a glance.
---------------------------------------------
http://www.openwall.com/lists/oss-security/2016/07/19/3


*** Hackers Allegedly Steal 1.4M Passwords From Mac Forums, Web Hosting Talk ***
---------------------------------------------
A hacker or hackers has allegedly stolen more than 1.4 million passwords, email addresses, and other data from the databases of popular forums including Web Hosting Talk, and Mac Forums and HotScripts.
---------------------------------------------
https://motherboard.vice.com/read/hackers-allegedly-steal-14m-passwords-from-mac-forums-web-hosting-talk


*** DNSSEC-Schlüsseltausch 2017 – die Vorbereitungen laufen ***
---------------------------------------------
Wer am 11. Oktober 2017 meint, dass sein Internet kaputt ist, der sollte bei seinem Provider nachfragen, ob das mit dem DNSSEC-Schlüsseltausch zu tun hat. Bis dahin ist es zwar noch ein wenig hin, doch die Vorbereitungen laufen auf Hochtouren.
---------------------------------------------
http://heise.de/-3273136


*** ICS Security Training In London ***
---------------------------------------------
SANS ICS London takes place on September 19-25th, at the Grand Connaught Rooms. - Attend the one-day European ICS Security Summit on Monday 19th September. - Take ICS515: ICS Active Defence and Incident Response - a 5-day course, ..
---------------------------------------------
https://www.sans.org/event/ics-london-2016


*** Vtiger CRM does not properly restrict access to application data ***
---------------------------------------------
http://jvn.jp/en/jp/JVN01956993/


*** WordPress plugin "Nofollow Links" vulnerable to cross-site scripting ***
---------------------------------------------
http://jvn.jp/en/jp/JVN13582657/


*** Petya Ransomware Analysis Part I ***
---------------------------------------------
Introduction What makes Petya a special ransomware is that it doesn’t aim to encrypt each file individually, but aims for low-level disk encryption. In this series, we’ll be looking ..
---------------------------------------------
http://resources.infosecinstitute.com/petya-ransomware-analysis-part-i/


*** Rekord-Quartals-Update: Oracle fixt 276 Sicherheitslücken in seinen Produkten ***
---------------------------------------------
Die meisten Schwachstellen klaffen in Fusion Middleware und der Sun System Products Suite. Aber auch Java SE ist verwundbar und bekommt Sicherheits-Updates spendiert.
---------------------------------------------
http://heise.de/-3273522


*** Unechte Bank Austria-Mails und Phishing-Apps im Umlauf ***
---------------------------------------------
Mit unechten Bank Austria-Nachrichten oder der Phishing-App „Bank Austria SmsSecurity“ versuchen Kriminelle, an Zugangsdaten von Kunden des Unternehmens zu gelangen. Damit verfolgen sie das Ziel, auf fremde Kosten Transaktionen durchzuführen und sich zu bereichern.
---------------------------------------------
https://www.watchlist-internet.at/phishing/unechte-bank-austria-mails-und-phishing-apps-im-umlauf/