[CERT-daily] Daily Summary - Monday 13-02-2017

Daily end-of-shift report team at cert.at
Mon Feb 13 18:14:03 CET 2017


=======================
= End-of-Shift report =
=======================

Timeframe:   Friday 10-02-2017 18:00 − Monday 13-02-2017 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a


*** State-sponsored Hackers Targeting Prominent Journalists, Google Warns ***
---------------------------------------------
State-sponsored hackers are attempting to steal email passwords of a number of prominent journalists, Google has warned. The hackers are suspected to be Russians, reports POLITICO. Some of the journalists who have received such warnings from Google as ..
---------------------------------------------
https://politics.slashdot.org/story/17/02/10/1726206/state-sponsored-hackers-targeting-prominent-journalists-google-warns




*** Unique Office Loader Deploying Multiple Malware Families ***
---------------------------------------------
http://researchcenter.paloaltonetworks.com/2017/02/unit42-unique-office-loader-deploying-multiple-malware-families/




*** Sports Direct hacked but it still hasn't disclosed the breach to its staff ***
---------------------------------------------
Sports Direct, the UK's largest sports retail business, was hacked last year, and still hasn't disclosed the incident to its staff. The Register confirmed that Sports Direct, the UK's largest sports retail business, was hacked last ..
---------------------------------------------
http://securityaffairs.co/wordpress/56187/data-breach/sports-direct-data-breach.html




*** Think Twice before Posting Data on Pastebin! ***
---------------------------------------------
Pastebin.com is one of my favourite playgrounds. I'm monitoring the content of all pasties posted on this website. My goal is to find juicy data like configurations, database ..
---------------------------------------------
https://blog.rootshell.be/2017/02/12/think-twice-posting-data-pastebin/




*** Lazarus & Watering-hole attacks ***
---------------------------------------------
On 3rd February 2017, researchers at badcyber.com released an article that detailed a series of ..
---------------------------------------------
http://baesystemsai.blogspot.com/2017/02/lazarus-watering-hole-attacks.html




*** Do You Use VirusTotal? Give PacketTotal a Spin!, (Mon, Feb 13th) ***
---------------------------------------------
Packettotal ( http://www.packettotal.com ) is a new site that does some nifty analysis of Packet Captures for you if you're not so familiar with Wireshark or other analysis tools. Out of the gate, this site maps out connections, certificates, ..
---------------------------------------------
https://isc.sans.edu/diary.html?storyid=22061




*** Firefox for Android can choke on malicious code ***
---------------------------------------------
In version 51.0.3, the Firefox developers closed a critical security vulnerability. Only the Android version is affected by the vulnerability.
---------------------------------------------
https://heise.de/-3623027




*** Mirai Widens Distribution with New Trojan that Scans More Ports ***
---------------------------------------------
Late last year, in several high-profile and potent DDoS attacks, Linux-targeting Mirai (identified by Trend Micro as ELF_MIRAI family) revealed just how broken the Internet ..
---------------------------------------------
http://blog.trendmicro.com/trendlabs-security-intelligence/mirai-widens-distribution-new-trojan-scans-ports




*** Project Zero: NTFS driver enables Linux root access ***
---------------------------------------------
A faulty configuration of the userspace driver for NTFS on Linux allows easy root access. Default installations of Debian were affected ..
---------------------------------------------
https://www.golem.de/news/project-zero-ntfs-treiber-ermoeglicht-linux-rootzugriff-1702-126147.html




*** Mexico allegedly spied on soft-drink opponents with spyware ***
---------------------------------------------
Activists who campaigned for higher taxation of sugary drinks and high-fat foods were spied on
---------------------------------------------
http://derstandard.at/2000052555921




*** Fileless infection: Break-in without traces ***
---------------------------------------------
Security researchers warn that the Carbanak gang is presumably using a new trick that renders many protection and analysis programs ineffective. They break into computers and networks without any suspicious files landing on disk.
---------------------------------------------
https://heise.de/-3623084

