[CERT-daily] Tageszusammenfassung - Mittwoch 30-03-2016

Wed Mar 30 18:03:34 CEST 2016

=======================
= End-of-Shift report =
=======================

Timeframe:   Dienstag 29-03-2016 18:00 − Mittwoch 30-03-2016 18:00
Handler:     Robert Waldner
Co-Handler:  Alexander Riepl


*** CareFusion Pyxis SupplyStation System Vulnerabilities ***
---------------------------------------------
This medical advisory contains mitigation details for numerous third-party software vulnerabilities in end-of-life versions of CareFusion's Pyxis SupplyStation system.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSMA-16-089-01


*** Websites Hacked Redirect to Porn from PDF / DOC Links ***
---------------------------------------------
We write a lot about various blackhat SEO hacks on this blog and most of you are already familiar with such things as doorways, cloaking and SEO poisoning. This time we'll tell you about yet another interesting blackhat SEO attack that we've been watching for the last year. Let's begin with ..
---------------------------------------------
https://blog.sucuri.net/2016/03/pdf-doc-urls-redirect-to-porn.html


*** CloudFlare <= 1.3.20 - Cross-Site Scripting (XSS) ***
---------------------------------------------
https://wpvulndb.com/vulnerabilities/8428


*** The Topology of Malicious Activity on IPv4 ***
---------------------------------------------
There has been a great deal of academic and industry focus on identifying malicious activity across autonomous systems, and for good reasons. Over 50% of 'good' Internet traffic comes from large, ocean-like ASes pushing content from companies like Netflix, Google, Facebook, Apple and Amazon. However, ..
---------------------------------------------
http://www.suchin.co/2016/03/23/Topology-Of-Malicious-Activity/


*** Betriebssystem: OpenBSD 5.9 filtert weitgehend Systemaufrufe ***
---------------------------------------------
Die Funktion zum Filtern und Beschränken von Systemaufrufen ist in OpenBSD 5.9 um viele Anwendungen erweitert worden. Außerdem unterstützt das System nun neuere Laptops besser - dank UEFI und WLAN nach 802.11n. 
---------------------------------------------
http://www.golem.de/news/betriebssystem-openbsd-5-9-filtert-weitgehend-systemaufrufe-1603-120030.html


*** Scammers Impersonate ISPs in New Tech Support Campaign ***
---------------------------------------------
Scammers devise a new ploy to trick users into thinking their own ISP is warning them about malware.
---------------------------------------------
https://blog.malwarebytes.org/threat-analysis/2016/03/scammers-impersonate-isps-in-new-tech-support-campaign/


*** [HTB23298]: Multiple Vulnerabilities in CubeCart ***
---------------------------------------------
High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in popular open source shopping software CubeCart. The discovered vulnerabilities allow a remote attacker to compromise vulnerable website and its databases, and conduct sophisticated attacks against its users. 
---------------------------------------------
https://www.htbridge.com/advisory/HTB23298


*** System Integrity Protection: Apples rootfreie Zone ist gar nicht so rootfrei ***
---------------------------------------------
Apple will mit El Capitan verhindern, dass böse Jungs mit Root-Rechten ihr System kaputt machen. Leider hat das auch als Rootless bekannte Sicherheitskonzept viele Lücken und funktioniert deswegen momentan nicht ganz.
---------------------------------------------
http://heise.de/-3157130


*** Der Liebling aller Cyber-Kriminellen: Flash ***
---------------------------------------------
In den Top-15 der am meisten genutzten Sicherheitslücken finden sich allein 13 Schwachstellen in Flash, berichten die Antiviren-Experten der finnischen Firma F-Secure.
---------------------------------------------
http://heise.de/-3157553