[CERT-daily] Tageszusammenfassung - Dienstag 17-01-2017

Tue Jan 17 18:09:58 CET 2017

=======================
= End-of-Shift report =
=======================

Timeframe:   Montag 16-01-2017 18:00 − Dienstag 17-01-2017 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a


*** Who's winning the cyber war? The squirrels, of course ***
---------------------------------------------
CyberSquirrel1 project shows fuzzy-tailed intruders cause more damage than "cyber" can.
---------------------------------------------
http://arstechnica.com/information-technology/2017/01/whos-winning-the-cyber-war-the-squirrels-of-course/


*** Dodgy Dutch developer built backdoors into thousands of sites ***
---------------------------------------------
Then hoovered out users personal data, stole identities galore and spent up big Dutch police are this week warning 20,000 users that their email accounts were hacked after ..
---------------------------------------------
www.theregister.co.uk/2017/01/17/police_warn_of_dutch_developer_who_built_backdoors_for_carding/


*** [2017-01-17] Cross site scripting in TYPO3 CMS extension "Recommend page" ***
---------------------------------------------
The "Recommend page" extension (pb_recommend_page) for the TYPO3 CMS does not sanitize input properly. Hence an attacker can inject malicious HTML/JavaScript content which can cause harm to the users.
---------------------------------------------
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20170117-0_TYPO3_Recommend_Page_Extension_XSS_v10.txt


*** Erpressung ist (immer noch) in! ***
---------------------------------------------
Das neue Jahr bringt sicherlich wieder viele technische Neuerungen und (potentiell unsägliche) Trends mit sich. Eines bleibt leider unverändert: Erpressung ist in.Neben DDoS-Drohungen und Ransomware in ..
---------------------------------------------
http://www.cert.at/services/blog/20170117104444-1861.html


*** CryptoSearch: Tool findet und sammelt von Ransomware verschlüsselte Dateien zur Verwahrung ein ***
---------------------------------------------
Wenn ein Erpressungs-Trojaner Daten in seine Gewalt gebracht hat, hoffen Opfer auf ein kostenloses Entschlüsselungstool - wann und ob überhaupt eins kommt, ist aber oft unklar. Ein Windows-Tool sammelt und archiviert bis dahin betroffene Dateien.
---------------------------------------------
https://heise.de/-3597757


*** Citrix XenServer Multiple Security Updates ***
---------------------------------------------
Security vulnerabilities have been identified in Citrix XenServer that may allow malicious code running within a guest VM to read a small part of ...
---------------------------------------------
https://support.citrix.com/article/CTX219378


*** Free-to-Play: Forum von Clash-of-Clans-Betreiber gehackt ***
---------------------------------------------
Erneut ist ein vBulletin-Forum gehackt worden. Betroffen sind vermutlich 1,1 Millionen Nutzer von Supercell-Foren. Der Spielehersteller vertreibt populäre Titel wie Clash of Clans und Clash Royale.
---------------------------------------------
http://www.golem.de/news/free2play-forum-von-clash-of-clans-betreiber-gehackt-1701-125631.html


*** The Line of Death ***
---------------------------------------------
When building applications that display untrusted content, security designers have a major problems if an attacker has full control of a block of pixels, he can make those pixels look ..
---------------------------------------------
https://textslashplain.com/2017/01/14/the-line-of-death/