=======================
= End-of-Shift report =
=======================
Timeframe: Thursday 01-09-2016 18:00 − Friday 02-09-2016 18:00
Handler: Robert Waldner
Co-Handler: Alexander Riepl
*** Chrome 53 Fixes Address Spoofing Vulnerability, 32 Other Bugs ***
---------------------------------------------
http://threatpost.com/chrome-53-fixes-address-spoofing-vulnerability-32-oth…
*** Insecure Redis Instances at Core of Attacks Against Linux Servers ***
---------------------------------------------
Attackers are targeting insecure Redis instances exposed to the internet to gain access to Linux servers, delete web files and folders, and demand a ransom.
---------------------------------------------
http://threatpost.com/insecure-redis-instances-at-core-of-attacks-against-l…
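The exposure pattern behind these attacks is a Redis server reachable from the internet without authentication; an unauthenticated client can then use CONFIG SET dir / CONFIG SET dbfilename followed by SAVE to write a file of its choosing on the host. The following added example (not from the article or the Redis project) audits a redis.conf for exactly that pattern and contrasts a constructed weak config with a hardened one. The two config texts are constructed samples, and the directive names are the ones Redis itself uses (bind, protected-mode, requirepass, rename-command); the audit logic is an assumption about what a practitioner would want flagged.

```python
"""Audit a redis.conf for the exposure pattern behind the Redis ransom attacks.

Added example, not code from the article or from Redis. The two configs below
are constructed samples.
"""

# Constructed sample: a Redis server reachable from every interface, no auth.
WEAK_CONF = """\
# constructed example, not a real server
bind 0.0.0.0
port 6379
protected-mode no
# requirepass foobared
"""

# Constructed sample: the same server after hardening.
HARDENED_CONF = """\
bind 127.0.0.1
port 6379
protected-mode yes
requirepass a-long-random-password
rename-command CONFIG ""
rename-command FLUSHALL ""
"""

WILDCARD_ADDRS = ("0.0.0.0", "::", "*")


def parse_conf(text):
    """Return {directive: [value, ...]} for a redis.conf body.

    Directives may repeat (e.g. several rename-command lines), so values are
    collected in a list; comments and blank lines are skipped.
    """
    directives = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        key = parts[0].lower()
        value = parts[1] if len(parts) > 1 else ""
        directives.setdefault(key, []).append(value)
    return directives


def audit(text):
    """Return a list of findings; an empty list means none of the checks fired."""
    d = parse_conf(text)
    findings = []

    # No bind line at all means "listen everywhere"; so does a wildcard address.
    addrs = [a for v in d.get("bind", []) for a in v.split()]
    if not addrs or any(a in WILDCARD_ADDRS for a in addrs):
        findings.append("listens on all interfaces (no bind, or bind to a wildcard address)")

    # protected-mode only helps when it is on; an explicit "no" disables it.
    if d.get("protected-mode", ["yes"])[-1].lower() == "no":
        findings.append("protected-mode disabled")

    if not d.get("requirepass"):
        findings.append("no requirepass: anyone who can reach the port has full access")

    # CONFIG SET dir/dbfilename + SAVE is the file-write primitive; disabling the
    # command (rename-command CONFIG "") removes it even if auth is bypassed.
    renamed = {}
    for v in d.get("rename-command", []):
        parts = v.split()
        if parts:
            renamed[parts[0].upper()] = parts[1] if len(parts) > 1 else ""
    if renamed.get("CONFIG") != '""':
        findings.append("CONFIG command reachable (CONFIG SET dir/dbfilename + SAVE writes files)")

    return findings


if __name__ == "__main__":
    for name, conf in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(name, audit(conf) or "no findings")
```

The audit reads the config only; to confirm the running instance, connect with redis-cli and check whether PING answers without AUTH and whether CONFIG GET dir returns anything. A server that is bound to a wildcard address but firewalled is still worth fixing, since the firewall is the only thing between the file-write primitive and the internet.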
*** Security Update 2016-001 El Capitan and Security Update 2016-005 Yosemite ***
---------------------------------------------
https://support.apple.com/kb/HT207130
*** Safari 9.1.3 ***
---------------------------------------------
https://support.apple.com/kb/HT207131
*** IoT Home Router Botnet Leveraged in Large DDoS Attack ***
---------------------------------------------
We have been monitoring a large-scale Layer 7 HTTPS flood attack (i.e., application level DDoS) against a customer over the past few weeks. It is being distributed ..
---------------------------------------------
https://blog.sucuri.net/2016/09/iot-home-router-botnet-leveraged-in-large-d…
*** When physics becomes the security hole ***
---------------------------------------------
At the Usenix security conference, hackers demonstrated new ways of manipulating systems through attacks on the hardware.
---------------------------------------------
https://futurezone.at/science/wenn-die-physik-zur-sicherheitsluecke-wird/21…
*** DSA-3658 libidn - security update ***
---------------------------------------------
Hanno Boeck discovered multiple vulnerabilities in libidn, the GNU library for Internationalized Domain Names (IDNs), allowing a remote attacker to cause a denial of service against an application using the libidn library (application crash).
---------------------------------------------
https://www.debian.org/security/2016/dsa-3658
*** Alleged attacker on the Linux kernel's web infrastructure arrested ***
---------------------------------------------
A hacker has been arrested in the USA who is alleged to be responsible for attacks on the Linux Foundation and the kernel.org website. This apparently concerns the well-known attack of 2011.
---------------------------------------------
http://heise.de/-3312595
*** Over 40 million usernames, passwords from 2012 breach of Last.fm surface ***
---------------------------------------------
While Last.fm informed users in 2012, passwords were easily cracked.
---------------------------------------------
http://arstechnica.com/security/2016/09/over-40-million-usernames-passwords…
=======================
= End-of-Shift report =
=======================
Timeframe: Wednesday 31-08-2016 18:00 − Thursday 01-09-2016 18:00
Handler: Alexander Riepl
Co-Handler: n/a
*** There are really only two effectively distinct settings for the UAC slider ***
---------------------------------------------
There's a control panel that lets you specify how often you want to be prompted by UAC. You can set any of four levels: ... Although it looks like there are four settings, in a theoretical sense, there really are only two settings.
---------------------------------------------
https://blogs.msdn.microsoft.com/oldnewthing/20160816-00/?p=94105
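The slider is a front end for three registry values under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System: EnableLUA, ConsentPromptBehaviorAdmin and PromptOnSecureDesktop. The following added example (not from the linked post) reads those values and reports both the slider position they correspond to and the two-way split the post argues for: either every elevation prompts, or trusted Windows binaries elevate silently. The slider-to-value mapping is taken from Microsoft's UAC policy documentation; the two-way classification is this example's reading of the post, not something the registry itself reports.

```powershell
# Added example, not code from the linked post. Run in an elevated or
# non-elevated PowerShell; the key is world-readable.
$key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$v = Get-ItemProperty -Path $key

$lua    = $v.EnableLUA                     # 0 = UAC entirely off
$admin  = $v.ConsentPromptBehaviorAdmin    # 0 = silent elevate, 2 = always prompt, 5 = prompt for non-Windows binaries
$secure = $v.PromptOnSecureDesktop         # 1 = prompt on the secure desktop

# Slider positions as documented by Microsoft (assumed mapping, see lead-in).
$slider = switch ("$admin/$secure") {
    '2/1'   { 'Always notify' }
    '5/1'   { 'Notify me only when apps try to make changes (default)' }
    '5/0'   { 'Notify me only when apps try to make changes (do not dim desktop)' }
    '0/0'   { 'Never notify' }
    default { "not a slider position ($admin/$secure), probably set by Group Policy" }
}

# The two settings that actually differ in outcome.
if ($lua -eq 0 -or $admin -eq 0) {
    $effective = 'UAC effectively off: administrators elevate without any prompt'
} elseif ($admin -eq 2) {
    $effective = 'every elevation prompts, including Windows binaries'
} else {
    $effective = 'Windows binaries auto-elevate; only third-party elevation prompts'
}

[pscustomobject]@{
    EnableLUA                  = $lua
    ConsentPromptBehaviorAdmin = $admin
    PromptOnSecureDesktop      = $secure
    SliderPosition             = $slider
    EffectiveSetting           = $effective
}
```

On a domain-joined machine the same values may be delivered by Group Policy, in which case the slider in the Control Panel is greyed out but the registry still shows what is in force.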
*** Flag - Moderately Critical - Access Bypass - SA-CONTRIB-2016-050 ***
---------------------------------------------
https://www.drupal.org/node/2793115
*** So much for counter-phishing training: Half of people click anything sent to them ***
---------------------------------------------
Even people who claimed to be aware of risks clicked out of curiosity.
---------------------------------------------
http://arstechnica.com/security/2016/08/researchers-demonstrate-half-of-peo…
*** New Version of Cerber Ransomware Distributed via Malvertising ***
---------------------------------------------
Cerber has become one of the most notorious and popular ransomware families to date. It now has a new variant that, while superficially similar to earlier variants, ..
---------------------------------------------
http://blog.trendmicro.com/trendlabs-security-intelligence/new-version-cerb…
*** MMD-0056-2016 - Linux/Mirai, how an old ELF malcode is recycled.. ***
---------------------------------------------
Background: From August 4th 2016 several sysadmin friends started to upload these malware files to our dropbox. The samples weren't easy to retrieve, so there are good ones and also some broken ones; I listed the good ones in this post. This threat is made by the ELF trojan backdoor, the ..
---------------------------------------------
http://blog.malwaremustdie.org/2016/08/mmd-0056-2016-linuxmirai-just.html
*** Maxmind.com (Ab)used As Anti-Analysis Technique ***
---------------------------------------------
A long time ago I wrote a diary[1] about malware samples which use online geolocation services. Such services are used to target only specific victims. If the malware detects that it is executed from a specific area, it just stops. This ..
---------------------------------------------
https://isc.sans.edu/diary.html?storyid=21435
*** Breaching a CA – Blind Cross-site Scripting (BXSS) in the GeoTrust SSL Operations Panel Using XSS Hunter ***
---------------------------------------------
This is a continuation of a series of blog posts which will cover blind cross-site scripting (XSS) and its impact on the internal systems which suffer from it. Previously, ..
---------------------------------------------
https://thehackerblog.com/breaching-a-ca-blind-cross-site-scripting-bxss-in…
*** Spotify: Just change your passwords ***
---------------------------------------------
New passwords yet again: some Spotify customers are asked to change them as a precaution, while the background remains vague. It is also not known by which criteria the customers were selected.
---------------------------------------------
http://www.golem.de/news/spotify-einfach-mal-passwoerter-aendern-1609-12301…
*** Bundeskriminalamt (German Federal Criminal Police Office) warns of extortion trojan in fake job application emails ***
---------------------------------------------
The computer is encrypted and a ransom is demanded
---------------------------------------------
http://derstandard.at/2000043687916
*** Unix: OpenBSD 6.0 enforces W^X for the base system ***
---------------------------------------------
The OpenBSD project hardens its base system by making memory either writable or executable (W^X), never both. The team also drops VAX support and Linux compatibility, but has extended ARMv7 support.
---------------------------------------------
http://www.golem.de/news/unix-openbsd-6-0-erzwingt-w-x-fuer-das-basissystem…
*** Darknet: Arrest after drug raid on Chemical Love customers ***
---------------------------------------------
In a nationwide raid, investigators seized larger quantities of drugs which the suspects had allegedly bought on the darknet. The accused are suspected of having acted as dealers.
---------------------------------------------
http://www.golem.de/news/darknet-festnahme-nach-drogenrazzia-bei-chemical-l…
*** Retefe trojan in fake invoices ***
---------------------------------------------
Email inboxes are receiving messages with the subject lines „Ihre Zahlung 631 EUR“, „167 EUR Bestellung“, „33 EUR Zahlung“ or „81 EUR Rechnung“ (German for "Your payment 631 EUR", "167 EUR order", "33 EUR payment", "81 EUR invoice"). They allegedly come from the ..
---------------------------------------------
https://www.watchlist-internet.at/gefaelschte-rechnungen/retefe-trojaner-in…