Daily August 2016

daily@lists.cert.at

1 participants
22 discussions

Tageszusammenfassung - Dienstag 2-08-2016
by Daily end-of-shift report 02 Aug '16

02 Aug '16

======================= = End-of-Shift report = ======================= Timeframe: Montag 01-08-2016 18:00 − Dienstag 02-08-2016 18:00 Handler: Alexander Riepl Co-Handler: n/a *** Android Security Bulletin August 2016 *** --------------------------------------------- https://source.android.com/security/bulletin/2016-08-01.html *** Google Domain Enables HSTS Protection *** --------------------------------------------- Google ensures HTTPS connections to its domains with support for HTTP Strict Transport Security, or HSTS. --------------------------------------------- http://threatpost.com/google-domain-enables-hsts-protection/119597/ *** DSA-3637 chromium-browser - security update *** --------------------------------------------- https://www.debian.org/security/2016/dsa-3637 *** Slinging Hash: Speeding Cyber Threat Hunting Methodologies via Hash-Based Searching *** --------------------------------------------- Introduction The term "hash" is thrown around in casual IT conversation quite a bit nowadays, .. --------------------------------------------- https://www.trustwave.com/Resources/SpiderLabs-Blog/Slinging-Hash--Speeding… *** 36000 SAP systems exposed online, most open to attacks *** --------------------------------------------- ERPScan released the first comprehensive SAP Cybersecurity Threat Report, which covers three main angles: Product Security, Implementation Security, and Security Awareness. The company used its own scanning method to gather .. --------------------------------------------- https://www.helpnetsecurity.com/2016/08/02/sap-cybersecurity-report/ *** Im Darknet werden 200 Millionen Yahoo-Accounts verkauft *** --------------------------------------------- Login-Informationen zu rund 200 Millionen Yahoo-Accounts werden zum Verkauf angeboten. Und Yahoo weiß darüber Bescheid. --------------------------------------------- http://futurezone.at/digital-life/im-darknet-werden-200-millionen-yahoo-acc… *** FireEye admits filtering out legitimate emails in sniffer snafu *** --------------------------------------------- Benign messages frogmarched into quarantine FireEye has admitted that a snafu involving its email filtering technology meant harmless messages were shuffled off to quarantine for no good reason. --------------------------------------------- www.theregister.co.uk/2016/08/02/fireeye_filtering_snafu/ *** Kasperskys Herz für Hacker: 50.000 US-Dollar für gemeldete Bugs *** --------------------------------------------- Als zweiter AV-Hersteller führen die Russen ein Bug-Bounty-Programm ein. Sicherheitsforscher sollen nun Geld dafür bekommen, Schwachstellen in Kaspersky-Produkten zu finden. --------------------------------------------- http://heise.de/-3284172 *** Introducing the p0f BPF compiler *** --------------------------------------------- Two years ago we blogged about our love of BPF (BSD packet filter) bytecode.CC BY 2.0 image by jim simonsonThen we published a set of utilities we are using to generate the BPF .. --------------------------------------------- https://blog.cloudflare.com/introducing-the-p0f-bpf-compiler/ *** Timing Attacks in the Modern Web *** --------------------------------------------- Before you explore all the details of these browser-based timing attacks, head over to my laboratories to play around with these attacks yourself! --------------------------------------------- https://tom.vg/2016/08/browser-based-timing-attacks/

1 0

Tageszusammenfassung - Montag 1-08-2016
by Daily end-of-shift report 01 Aug '16

01 Aug '16

======================= = End-of-Shift report = ======================= Timeframe: Freitag 29-07-2016 18:00 − Montag 01-08-2016 18:00 Handler: Alexander Riepl Co-Handler: n/a *** Fake FreeDNS Used to Redirect Traffic to Malicious Sites *** --------------------------------------------- During the last couple of days we performed a few similar cleanup requests where sites occasionally redirected visitors to malicious sites that displayed ads, spam and malicious downloads. One of our security analysts, Andrey Kucherov, .. --------------------------------------------- https://blog.sucuri.net/2016/07/fake-freedns-used-to-redirect-traffic-to-ma… *** SwiftKey zeigt Vorschläge fremder Nutzer *** --------------------------------------------- Nutzer des alternativen Smartphone-Keyboards SwiftKey haben Wortvorschläge fremder Nutzer erhalten. Neben Wörtern in anderen Sprachen sollen auch fremde E-Mail-Adressen darunter gewesen sein. --------------------------------------------- http://heise.de/-3282177 *** DSA-3636 collectd - security update *** --------------------------------------------- Emilien Gaspar discovered that collectd, a statistics collection andmonitoring daemon, incorrectly processed incoming networkpackets. This resulted in a heap overflow, allowing a remote attackerto either cause a DoS via application crash, or potentially executearbitrary code. --------------------------------------------- https://www.debian.org/security/2016/dsa-3636 *** HTML-Injection-Lücke erlaubte Zertifikatsklau bei Comodo *** --------------------------------------------- Eine Lücke im Zertifikats-Bestellsystem der Certification Authority Comodo erlaubte es Angreifern, sich SSL-Zertifikate für fremde Websites ausstellen zu lassen, was Man-in-the-middle-Lauschangriffe auf deren Traffic ermöglicht. --------------------------------------------- http://heise.de/-3282183 *** Xen Vulnerability Allows Hackers To Escape Qubes OS VM And Own the Host *** --------------------------------------------- Slashdot reader Noryungi writes: Qubes OS certainly has an intriguing approach to security, but a newly discovered Xen vulnerability allows a hacker to escape a VM and own the host. If you are running Qubes, make sure you update .. --------------------------------------------- https://tech.slashdot.org/story/16/07/30/1552244/xen-vulnerability-allows-h… *** DSA-3634 redis - security update *** --------------------------------------------- It was discovered that redis, a persistent key-value database, did notproperly protect redis-cli history files: they were created by defaultwith world-readable permissions. --------------------------------------------- https://www.debian.org/security/2016/dsa-3634 *** Are you getting I-CANNED? *** --------------------------------------------- One year ago, I already covered the impact that ICANNs latest money grab was having on security, see https://isc.sans.edu/forums/diary/httpsyourfakebanksupport+TLD+confusion+st…. ICANN is the organization that .. --------------------------------------------- https://isc.sans.edu/diary.html?storyid=21323 *** Booking Calendar <= 6.2 - SQL Injection *** --------------------------------------------- https://wpvulndb.com/vulnerabilities/8576 *** Booking Calendar <= 6.2 - Reflected Cross-Site Scripting (XSS) *** --------------------------------------------- https://wpvulndb.com/vulnerabilities/8575 *** Pokémon GO Creators Twitter Account Hacked — Pika, Pikaaaa! *** --------------------------------------------- Twitter account of another high-profile CEO has been hacked! This time, its Niantic CEO John Hanke, the developer behind the worlds most popular game Pokémon GO. And it .. --------------------------------------------- https://thehackernews.com/2016/07/pokemon-go-hack.html *** Kaspersky DDoS Intelligence Report for Q2 2016 *** --------------------------------------------- In Q2 2016, the geography of DDoS attacks narrowed to 70 countries, with China accounting for 77.4% of attacks. In fact, 97.3% of the targeted resources were located in .. --------------------------------------------- http://securelist.com/analysis/quarterly-malware-reports/75513/kaspersky-dd… *** INTERPOL Arrests Business Email Compromise Scam Mastermind *** --------------------------------------------- Business Email Compromise (BEC) attacks have proven to be an effective tactic, with criminals stealing large amounts of money from various businesses. From 2013 to 2015, BEC-related damages were estimated at US$ 2.3 billion. Targeting .. --------------------------------------------- http://blog.trendmicro.com/trendlabs-security-intelligence/interpol-arrests… *** Sicherheitslücke: Millionen Daten von Flugreisenden jahrelang im Internet *** --------------------------------------------- Rechnungen, Namen und teilweise sogar die Bankdaten von Flugreisenden waren jahrelang ohne technische Hürden offen im Netz verfügbar - ohne, dass es jemandem aufgefallen wäre. Auch Kriminelle haben die Daten nach aktuellem Stand übersehen. --------------------------------------------- http://www.golem.de/news/sicherheitsluecke-millionen-daten-von-flugreisende…

1 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

Daily August 2016