=======================
= End-of-Shift report =
=======================
Timeframe: Monday 01-10-2012 18:00 − Tuesday 02-10-2012 18:00
Handler: Stephan Richter
Co-Handler: Robert Waldner
*** SQL Injection in Trend Micro Control Manager ***
---------------------------------------------
An update fixes an SQL injection vulnerability in Trend's security management platform.
---------------------------------------------
http://www.heise.de/security/meldung/SQL-Injection-bei-Trend-Micro-Control-…
*** Cisco CallManager vulnerable to brute force attack ***
---------------------------------------------
"Roberto Suggi Liverani, founder of the OWASP (Open Web Application Security Project) New Zealand chapter, discovered a vulnerability in Cisco CallManager AKA Unified Communications Manager. It is a software-based call-processing system developed by Cisco Systems. He described on his blog security review, I have found a quick way to perform PIN brute force attack against accounts registered with a Cisco Unified Communications Manager (CallManager)...."
---------------------------------------------
http://thehackernews.com/2012/10/cisco-callmanager-vulnerable-to-brute.html
*** Expert fingers DDoS toolkit used in bank cyberattacks ***
---------------------------------------------
"Cyberattackers who disrupted the websites of U.S. banks over the last two weeks used a highly sophisticated toolkit -- a finding that points to a well-funded operation, one security vendor said on Monday. Prolexic Technologies said the distributed denial of service (DDoS) toolkit called itsoknoproblembro was used against some of the banks which included Wells Fargo, U.S. Bank, PNC Bank, Bank of America and JPMorgan Chase. Each of the banks was struck on separate days...."
---------------------------------------------
http://www.csoonline.com/article/717727/expert-fingers-ddos-toolkit-used-in…
*** IBM Lotus Notes Traveler 8.5.3 XSS & CSRF & Brute Force ***
---------------------------------------------
Topic: IBM Lotus Notes Traveler 8.5.3 XSS & CSRF & Brute Force Risk: Low Text: I want to warn you about Brute Force, Cross-Site Scripting, Cross-Site Request Forgery and Redirector vulnerabilities in IBM ...
---------------------------------------------
http://feedproxy.google.com/~r/securityalert_database/~3/Gq2FiubAbh0/WLB-20…
*** Switchvox Asterisk 5.1.2 Cross Site Scripting ***
---------------------------------------------
Topic: Switchvox Asterisk 5.1.2 Cross Site Scripting Risk: Low Text:Title: Switchvox Asterisk v5.1.2 - Multiple Web Vulnerabilities Date: == 2012-09-10 References: == http...
---------------------------------------------
http://feedproxy.google.com/~r/securityalert_database/~3/KtK8D-i6E-o/WLB-20…
*** OPlayer 2.0.05 iOS Cross Site Scripting ***
---------------------------------------------
Topic: OPlayer 2.0.05 iOS Cross Site Scripting Risk: Low Text:Title: OPlayer v2.0.05 iOS - Multiple Web Vulnerabilities Date: == 2012-10-01 References: == http://www....
---------------------------------------------
http://feedproxy.google.com/~r/securityalert_database/~3/NytSNRlZ814/WLB-20…
*** GTA UTM Firewall GB 6.0.3 Cross Site Scripting ***
---------------------------------------------
Topic: GTA UTM Firewall GB 6.0.3 Cross Site Scripting Risk: Low Text:Title: GTA UTM Firewall GB 6.0.3 - Multiple Web Vulnerabilities Date: == 2012-09-10 References: == http:...
---------------------------------------------
http://feedproxy.google.com/~r/securityalert_database/~3/vljvCj4a1PU/WLB-20…
*** DDoS attacks reach new level of sophistication ***
---------------------------------------------
"Prolexic Technologies warned of an escalating threat from unusually large and highly sophisticated DDoS attacks. The DDoS attacks have been launched in the last week using the so-called itsoknoproblembro DDoS toolkit. The malicious actor(s) behind the attacks have used this potent tool in conjunction with sophisticated attack methods that clearly demonstrate knowledge of common DDoS mitigation methods...."
---------------------------------------------
http://www.net-security.org/secworld.php?id=13704
*** How a single spam from China ended up as an attack on the White House ***
---------------------------------------------
"FoxNews leads today with a dramatic story entitled "Washington confirms Chinese hack attack on White House computer." In other important news, experts confirmed that there was a "high probability" that tomorrow, 03 October 2012, due to the rotation of the earth on its axis, the sun would once again give the impression of rising in the East. They also claimed that dinosaurs would "in all likelihood" continue in their state of alleged extinction. (You read it
---------------------------------------------
http://nakedsecurity.sophos.com/2012/10/02/how-a-single-spam-from-china-end…
*** Bugtraq: CVE-2012-3819: Stack Overflow in DartWebserver.dll <= 1.9 ***
---------------------------------------------
CVE-2012-3819: Stack Overflow in DartWebserver.dll <= 1.9
---------------------------------------------
http://www.securityfocus.com/archive/1/524273
*** [papers] - A Pentester's Guide to Hacking OData ***
---------------------------------------------
A Pentester's Guide to Hacking OData
---------------------------------------------
http://www.exploit-db.com/download_pdf/21664
*** PCI Security Standard: Mobile Payment Acceptance Security Guidelines, (Tue, Oct 2nd) ***
---------------------------------------------
What would Cyber Security Awareness Month with a Standards theme be without discussing some semblance of PCI-related content? Carefully avoiding the debate over the benefits and drawback of PCI DSS, I'll instead focus on a recent read with a quick summary of PCI Mobile Payment Acceptance Security Guidelines for Developers. This guideline hit my radar on 14 SEP courtesy of Ian's Dragon News Bytes and was intriguing as I had just published Mobile application security best practices in a BYOD world
---------------------------------------------
http://isc.sans.edu/diary.html?storyid=14206&rss
*** Bugtraq: [security bulletin] HPSBST02818 SSRT100960 rev.1 - HP IBRIX X9000 Storage, Remote Disclosure of Information ***
---------------------------------------------
[security bulletin] HPSBST02818 SSRT100960 rev.1 - HP IBRIX X9000 Storage, Remote Disclosure of Information
---------------------------------------------
http://www.securityfocus.com/archive/1/524275
=======================
= End-of-Shift report =
=======================
Timeframe: Friday 28-09-2012 18:00 − Monday 01-10-2012 18:00
Handler: Stephan Richter
Co-Handler: Robert Waldner
*** Vuln: openCryptoki Multiple Insecure File Creation Vulnerabilities ***
---------------------------------------------
openCryptoki Multiple Insecure File Creation Vulnerabilities
---------------------------------------------
http://www.securityfocus.com/bid/55627
*** Did NSA Put a Secret Backdoor in New Encryption Standard? ***
---------------------------------------------
"Random numbers are critical for cryptography: for encryption keys, random authentication challenges, initialization vectors, nonces, key-agreement schemes, generating prime numbers and so on. Break the random-number generator, and most of the time you break the entire security system. Which is why you should worry about a new random-number standard that includes an algorithm that is slow, badly designed and just might contain a backdoor for the National Security Agency...."
---------------------------------------------
http://cyberwarzone.com/did-nsa-put-secret-backdoor-new-encryption-standard
*** Security Advisory: Adobe to Revoke Code Signing Certificate (APSA12-01) ***
---------------------------------------------
A Security Advisory (APSA12-01) has been posted in regards to the misuse of an Adobe code signing certificate. Adobe plans to revoke the certificate on October 4, 2012 for all software code signed after July 10, 2012. Adobe is in the process of issuing updates for all affected products using a new digital certificate. For [...]
---------------------------------------------
http://blogs.adobe.com/psirt/2012/09/security-advisory-adobe-to-revoke-code…
*** Scary New Malware Uses Your Phone To Make A Map Of Your House For Robbers ***
---------------------------------------------
"If you aren't careful, much of the tech you hold near and dear can be used against you. An app called PlaceRaider, for instance, can use your phone to build a full 3D map of your house, all without you suspecting a thing. Developed by Robert Templeman at the Naval Surface Warfare centre and a few buddies from the University of Indiana, PlaceRaider hijacks your phone's camera and takes a series of secret photographs, recording the time, and the phone's orientation and location with each
---------------------------------------------
http://www.gizmodo.com.au/2012/09/scary-new-malware-uses-your-phone-to-make…
*** A Convenient Scapegoat - Why All Cyber Attacks Originate in China ***
---------------------------------------------
"A fairy tale has crept its way into the collective western InfoSec mindset and poisoned the well of reason and rational thought. I am referring to what I like to term, Lazy Neo-McCarthyism, i.e. blaming the Red Menace, a.k.a. China. It seems that every other cyber-incident, security breach or strain of malware is attributed to the superpower of the east...."
---------------------------------------------
http://www.securityweek.com/convenient-scapegoat-why-all-cyber-attacks-orig…
*** In a Zero-Day World, It’s Active Attacks that Matter ***
---------------------------------------------
The recent zero-day vulnerability in Internet Explorer caused many (present company included) to urge Internet users to consider surfing the Web with a different browser until Microsoft issued a patch. Microsoft did so last month, but not before experts who ought to have known better began downplaying such advice, pointing out that other browser makers have more vulnerabilities and just as much exposure to zero-day flaws. This post examines hard data that shows why such reasoning is more
---------------------------------------------
http://feedproxy.google.com/~r/KrebsOnSecurity/~3/kKKkx4TbxfY/
*** LG NAS Users and password hash disclosure ***
---------------------------------------------
Topic: LG NAS Users and password hash disclosure Risk: High Text:# Exploit Title: LG NAS Users and password hash disclosure # Date: 2012-09-29 # Vendor Homepage: http://www.lg.com/ # Versio...
---------------------------------------------
http://feedproxy.google.com/~r/securityalert_database/~3/_NaxSfrogiM/WLB-20…
*** Internet scan finds thousands of device flaws, system weaknesses ***
---------------------------------------------
"A scan of the Internet over 20 days has yielded terabytes of data and also some alarming weaknesses including misconfigured routers, vulnerability-riddled databases and more than 1,000 exposed passwords. It's a project that HD Moore calls his hobby. The Internet-wide survey looked for open TCP ports, SNMP system descriptions, MDNS responders, UPNP endpoints and NetBIOS name queries...."
---------------------------------------------
http://searchsecurity.techtarget.com/news/2240164210/Internet-scan-finds-th…