=======================
= End-of-Shift report =
=======================
Timeframe: Monday 24-09-2012 18:00 − Tuesday 25-09-2012 18:00
Handler: Stephan Richter
Co-Handler: Robert Waldner
*** Book Review: Digital Forensics For Handheld Devices ***
---------------------------------------------
benrothke writes "Today's handheld device is the mainframe of years past. An iPhone 5 with 64 GB of storage and the Apple A6 system-on-a-chip processor has more raw computing power than entire data centers had some years ago. With billions of handheld devices in use worldwide, it is imperative that digital forensics investigators and others know how to ensure that the information contained in them can be legally preserved if needed." Read on for the rest of Ben's review. Read more of
---------------------------------------------
http://rss.slashdot.org/~r/Slashdot/slashdot/~3/fpv3Or7g974/book-review-dig…
*** Schneier: We Don't Need SHA-3 ***
---------------------------------------------
Trailrunner7 writes with this excerpt from Threatpost: "For the last five years, NIST, the government body charged with developing new standards for computer security, among other things, has been searching for a new hash function to replace the aging SHA-2 function. Five years is a long time, but this is the federal government and things move at their own pace in Washington, but NIST soon will be announcing the winner from the five finalists that were chosen last year. Despite the
---------------------------------------------
http://rss.slashdot.org/~r/Slashdot/slashdot/~3/fJ7xmIOdp-o/schneier-we-don…
*** Java SE 5/6/7 critical security issue ***
---------------------------------------------
Topic: Java SE 5/6/7 critical security issue Risk: High Text: We've recently discovered yet another security vulnerability affecting all latest versions of Oracle Java SE software. The im...
---------------------------------------------
http://feedproxy.google.com/~r/securityalert_database/~3/VECe3FilPLE/WLB-20…
*** Samsung smartphones can be wiped remotely ***
---------------------------------------------
Security expert Ravi Borgaonkar demonstrated at the Ekoparty hacker conference that Samsung Android smartphones on which the manufacturer has customized the Android version with its own software can be remotely reset to factory settings. The core of the attack is a vulnerability in Samsung's own dialer, through which certain smartphone variants execute, without asking for confirmation, so-called USSD codes (Unstructured Supplementary Service Data) passed in via specially crafted links. The code *2767*3855# causes the phone to start resetting immediately.
---------------------------------------------
http://www.heise.de/security/meldung/Samsung-Smartphones-aus-der-Ferne-loes…
*** Data Breach Reveals 100k IEEE.org Members' Plaintext Passwords ***
---------------------------------------------
First time accepted submitter radudragusin writes "IEEE suffered a data breach which I discovered on September 18. For a few days I was uncertain what to do with the information and the data. Yesterday I let them know, and they fixed (at least partially) the problem. The usernames and passwords kept in plaintext were publicly available on their FTP server for at least one month prior to my discovery. Among the almost 100.000 compromised users are Apple, Google, IBM, Oracle and Samsung
---------------------------------------------
http://rss.slashdot.org/~r/Slashdot/slashdot/~3/HCjl46a-6mM/data-breach-rev…
=======================
= End-of-Shift report =
=======================
Timeframe: Friday 21-09-2012 18:00 − Monday 24-09-2012 18:00
Handler: Stephan Richter
Co-Handler: Robert Waldner
*** 1st It Security Industrial & Automation ***
---------------------------------------------
"The IT Security & Industrial Automation 2012 on 13 and 14. 11. 2012 in Leipzig is the first conference of isits AG on protection of production and automation, which takes place in cooperation with escrypt GmbH and TÜV Rheinland...."
---------------------------------------------
http://www.itsec-process.info/
*** Conference: Secure Communication for Energy Networks ***
---------------------------------------------
"Focus of the second Conference Think smart - secure communication for energy networks, the issue of IT security is about smart energy, with particular emphasis in smart grids. With practical examples, current trends in the development, but also the security of smart technology and power grids are presented. Manufacturers of smart energy, utilities, and software quality assurance company manufacturers demonstrate the current situation with national and international pilot projects...."
---------------------------------------------
http://www.thinksmart-energy.info/
*** Update - Security hole in Microsoft's Internet Explorer closed ***
---------------------------------------------
Extensive update released - a hole in the Flash Player was also fixed
---------------------------------------------
http://text.derstandard.at/1348283691198/Sicherheitsluecke-in-Microsofts-In…
*** Vuln: ZEN Load Balancer Multiple Security Vulnerabilities ***
---------------------------------------------
ZEN Load Balancer Multiple Security Vulnerabilities
---------------------------------------------
http://www.securityfocus.com/bid/55638
*** Google Go language gets used: For file-scrambling trojan, though ***
---------------------------------------------
No-one sure why mobe rooter VXers like obscure lingo Virus writers are experimenting with Google's Go as a programming language for malware.…
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2012/09/24/google_go_t…
*** IP address registry RIPE discusses current DNS, IPv6 and routing topics ***
---------------------------------------------
Starting today, Monday, representatives of the companies and associations involved in the European address registry RIPE are meeting in Amsterdam, the Netherlands, for the 65th RIPE Meeting. The annual conference runs until the end of the week with talks and discussions on current developments at the regional Internet registry. During this time, participants work in working groups on some topics such as the Domain Name System, Internet Protocol version 6 (IPv6) and routing.
---------------------------------------------
http://www.heise.de/newsticker/meldung/IP-Adressverwaltung-RIPE-diskutiert-…
*** Update for PostgreSQL 9.1 and 9.2 fixes critical bugs ***
---------------------------------------------
Updates are available for the only recently released version 9.2 of the free relational database PostgreSQL as well as for the previous version 9.1; they fix two critical bugs. These could lead to corrupted database indexes or other defects, the developers write.
---------------------------------------------
http://www.heise.de/newsticker/meldung/Update-fuer-PostgreSQL-9-1-und-9-2-b…
*** Vuln: PHP CVE-2012-0057 Security Bypass Vulnerability ***
---------------------------------------------
PHP CVE-2012-0057 Security Bypass Vulnerability
---------------------------------------------
http://www.securityfocus.com/bid/51806
=======================
= End-of-Shift report =
=======================
Timeframe: Thursday 20-09-2012 18:00 − Friday 21-09-2012 18:00
Handler: Stephan Richter
*** Vuln: WebKit Multiple Unspecified Memory Corruption Vulnerabilities ***
---------------------------------------------
WebKit Multiple Unspecified Memory Corruption Vulnerabilities
---------------------------------------------
http://www.securityfocus.com/bid/55534
*** BitTorrent Users DDoS Websites Without Knowing ***
---------------------------------------------
"Millions of BitTorrent users are unknowingly DDoSing websites because publishers of popular torrents mistakenly add website URLs as trackers. The DDoSes drag websites down and their operators have very few options to mitigate these attacks. But, thanks to a new BitTorrent protocol enhancement this is about to change...."
---------------------------------------------
http://torrentfreak.com/bittorrent-users-ddos-websites-without-knowing-1209…
*** Critical flaw exposes Oracle database passwords ***
---------------------------------------------
Vuln leaves barn door open to brute-force attacks A security researcher says some versions of the Oracle database contain a vulnerability so serious that anyone with access to the server over a network can crack database passwords using a basic brute-force attack, given nothing more than the name of the database and a valid username.…
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2012/09/21/oracle_11g_…
*** Vuln: Condor Multiple Security Bypass Vulnerabilities ***
---------------------------------------------
Condor Multiple Security Bypass Vulnerabilities
---------------------------------------------
http://www.securityfocus.com/bid/55632
*** Vuln: Red Hat Enterprise MRG Grid Multiple Remote Vulnerabilities ***
---------------------------------------------
Red Hat Enterprise MRG Grid Multiple Remote Vulnerabilities
---------------------------------------------
http://www.securityfocus.com/bid/55618
*** Will You Be More Secure if You Abandon Internet Explorer? ***
---------------------------------------------
"The German government is urging people to abandon Internet Explorer to avoid zero-day attacks currently circulating in the wild. Microsoft is scrambling to develop a patch to address the problem. The dirty secret, though, is the attack relies on Java being present, so Java--not Internet Explorer--is the Achilles heel of this equation...."
---------------------------------------------
http://www.cio.com/article/716711/Will_You_Be_More_Secure_if_You_Abandon_In…
=======================
= End-of-Shift report =
=======================
Timeframe: Thursday 20-09-2012 08:00 − Thursday 20-09-2012 18:00
Handler: Stephan Richter
Co-Handler: Matthias Fraidl
*** Apple and Cisco Security Advisories (Thu, Sep 20th) ***
---------------------------------------------
Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client The Cisco AnyConnect Secure Mobility Client is affected by multiple vulnerabilities. Advisory ID: cisco-sa-20120620-ac Apple security updates: APPLE-SA-2012-09-19-1 iOS 6 APPLE-SA-2012-09-19-2 OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and Security Update 2012-004 APPLE-SA-2012-09-19-3 Safari 6.0.1 Russ McRee | @holisticinfosec (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial
---------------------------------------------
http://isc.sans.edu/diary.html?storyid=14143&rss
*** Microsoft patches critical Internet Explorer hole ***
---------------------------------------------
Microsoft has released a Fix-it tool that can provisionally seal the critical vulnerability in Internet Explorer until a patch is released. The company intends to distribute the final patch via Windows Update starting tomorrow, Friday, as it announced in its security blog.
---------------------------------------------
http://www.heise.de/security/meldung/Microsoft-flickt-kritische-Internet-Ex…
*** Sophos antivirus classifies its own update kit as malware ***
---------------------------------------------
Fix issued swiftly, but naturally difficult to install! Sophos users woke up to mayhem on Thursday after the business-focussed antivirus firm released an update that classified itself and any other update utility as a virus.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2012/09/20/sophos_auto…
*** IPv6: Security solutions need to catch up ***
---------------------------------------------
Companies should pay particular attention to IPv6 capability in security systems. Specifically, this means that when buying security devices they should look for explicit IPv6 support. A close look at the feature list is important here because, as so often, the devil is in the details, as the study on which the article is based found.
---------------------------------------------
http://www.heise.de/security/meldung/IPv6-Nachholbedarf-bei-Sicherheitsloes…
*** Android Hacked Via NFC On the Samsung Galaxy S 3 ***
---------------------------------------------
An anonymous reader writes with an item from The Next Web: "Security researchers participating in the Mobile Pwn2Own contest at the EuSecWest Conference in Amsterdam [Wednesday] demonstrated how to hack Android through a Near Field Communication (NFC) vulnerability. The 0day exploit was developed by four MWR Labs employees (two in South Africa and two in the UK) for a Samsung Galaxy S 3 phone running Android 4.0.4 (Ice Cream Sandwich). Two separate security holes were leveraged to
---------------------------------------------
http://rss.slashdot.org/~r/Slashdot/slashdot/~3/ZEgBeoGKrTk/android-hacked-…
=======================
= End-of-Shift report =
=======================
Timeframe: Tuesday 18-09-2012 18:00 − Wednesday 19-09-2012 18:00
Handler: Stephan Richter
Co-Handler: Otmar Lendl
*** Bugtraq: NGS00268 Patch Notification: Symantec Messaging Gateway Out-of-band stored XSS - delivered by email ***
---------------------------------------------
*** Bugtraq: NGS00267 Patch Notification: Symantec Messaging Gateway SSH with backdoor user account ***
---------------------------------------------
*** Bugtraq: NGS00265 Patch Notification: Symantec Messaging Gateway - Unauthenticated detailed version disclosure ***
---------------------------------------------
*** Bugtraq: NGS00263 Patch Notification: Symantec Messaging Gateway - Easy CSRF to add a backdoor-administrator ***
---------------------------------------------
http://www.securityfocus.com/archive/1/524191
http://www.securityfocus.com/archive/1/524190
http://www.securityfocus.com/archive/1/524193
http://www.securityfocus.com/archive/1/524192
*** Microsoft plans to close critical IE hole with a stopgap ***
---------------------------------------------
Over the next few days, Microsoft plans to offer a Fix-it tool intended to seal the critical Internet Explorer hole as a stopgap until a suitable patch is available. The company announced this in its security blog.
---------------------------------------------
http://www.heise.de/security/meldung/Microsoft-will-kritische-IE-Luecke-beh…
*** Proceedings of the D.A.CH Security 2012 conference ***
---------------------------------------------
The two-day working conference D.A.CH Security 2012 is intended to paint a comprehensive picture of the current state of IT security in numerous talks. The speakers' contributions are collected in a companion volume to the conference.
---------------------------------------------
http://www.heise.de/security/meldung/Tagungsband-zur-Fachkonferenz-D-A-CH-S…
*** Pushdo botnet's smokescreen traffic hits legitimate websites ***
---------------------------------------------
Aargh, cap'n, the server be like to founder Cybercrooks behind the resilient Pushdo botnet are bombarding legitimate small websites with bogus traffic in order to camouflage requests to the zombie network's command and control servers.…
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2012/09/19/pushdo_spew…
*** FreeSWITCH remote denial of service vulnerability ***
---------------------------------------------
Topic: FreeSWITCH remote denial of service vulnerability Risk: Medium Text:"FreeSWITCH is a scalable open source cross-platform telephony platform designed to route and interconnect popular communicati...
---------------------------------------------
http://feedproxy.google.com/~r/securityalert_database/~3/LWCK4QkOGzg/WLB-20…
*** [webapps] - Spiceworks 6.0.00993 Multiple Script Injection Vulnerabilities ***
---------------------------------------------
Spiceworks 6.0.00993 Multiple Script Injection Vulnerabilities
---------------------------------------------
http://www.exploit-db.com/exploits/21392
*** New vicious UEFI bootkit vuln found for Windows 8 ***
---------------------------------------------
Arr, 'tis typical: Redmond swabs lag behind OS X, again Security researchers have discovered security shortcomings in Windows 8 that create a means to infect the upcoming operating system with rootkit-style malware.…
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2012/09/19/win8_rootki…
=======================
= End-of-Shift report =
=======================
Timeframe: Monday 17-09-2012 18:00 − Tuesday 18-09-2012 18:00
Handler: Stephan Richter
Co-Handler: Christian Wojner
*** Finally; Google Chrome will support Do Not Track ***
---------------------------------------------
"Google has finally added support for the DNT (Do Not Track) header to their latest developer build of Chrome. The modification is likely to make it into an official release of Google's popular web browser before the end of the year. Do Not Track is a feature that allows users to express a simple yes or no preference about being tracked online...."
---------------------------------------------
http://nakedsecurity.sophos.com/2012/09/17/finally-google-chrome-will-suppo…
*** ITU does not want to control the Internet ***
---------------------------------------------
The International Telecommunication Union (ITU) says it has no appetite for controlling the Internet. Rather, the topics of the World Conference on International Telecommunication (WCIT) coming up in December are reducing mobile roaming costs, tackling fraudulent misuse of phone numbers, and creating an investment-friendly climate for networks.
---------------------------------------------
http://www.heise.de/newsticker/meldung/ITU-will-Internet-nicht-kontrolliere…
*** Study: Web developers test too little for security flaws ***
---------------------------------------------
Software vendor Coverity reports in its "Software Security Risk Report" that only about two fifths of companies in the web development industry test during development, and more than half forgo checking their code for bugs and vulnerabilities before integration testing. This is one reason security incidents involving web applications occur more frequently, and it also causes higher costs.
---------------------------------------------
http://www.heise.de/newsticker/meldung/Studie-Webentwickler-testen-zu-wenig…
*** VNC security hole: Apple follows up with bug fix for Remote Desktop 3.5.2 ***
---------------------------------------------
During the night to Tuesday, Apple put Apple Remote Desktop Admin 3.5.3 online. It is a bug-fix update for the remote administration tool that closes a problematic security hole: in connection with third-party VNC servers, it caused the "Encrypt all network data" function not to take effect. No warning was shown either.
---------------------------------------------
http://www.heise.de/security/meldung/VNC-Sicherheitsluecke-Apple-reicht-Bug…
*** How I CRASHED my bank, stole PINs with a touch-tone phone ***
---------------------------------------------
Security bod's boast harks back to 1980s phreaking era Miscreants can crash or infiltrate banks' and help desks' touch-tone and voice-controlled phone systems with a single call, a security researcher warns.…
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2012/09/18/dtmf_phone_…
=======================
= End-of-Shift report =
=======================
Timeframe: Friday 14-09-2012 18:00 − Monday 17-09-2012 18:00
Handler: Stephan Richter
Co-Handler: Otmar Lendl
*** Oracle BTM FlashTunnelService Remote Code Execution ***
---------------------------------------------
Topic: Oracle BTM FlashTunnelService Remote Code Execution Risk: High
Text:## # This file is part of the Metasploit Framework and may be subject
to # redistribution and commercial restrictions. Please...
---------------------------------------------
http://feedproxy.google.com/~r/securityalert_database/~3/26umQooi1WY/WLB-20…
*** EFF Challenges Tracking-Services Patent Used to Threaten Cities Across
the U.S. ***
---------------------------------------------
"San Francisco - The Electronic Frontier Foundation (EFF) is challenging a
dangerous patent used to wrongfully demand payment from cities and other
municipalities that employ public tracking systems to tell transit
passengers if their bus or train is on time. Today, EFF with the help of
the Samuelson Law, Technology, and Public Policy Clinic at Berkeley Law,
filed a request with the United States Patent and Trademark Office (USPTO),
urging reexamination of the legitimacy of the ArrivalStar...
---------------------------------------------
https://www.eff.org/press/releases/eff-challenges-tracking-services-patent-…
*** Information Commissioner criticises dreamed up EU cookie directive ***
---------------------------------------------
"The Information Commissioner Christopher Graham has questioned the
effectiveness of the EU cookie directive, suggesting that it was "dreamed
up by politicians in Brussels" without the appropriate market research to
back it up. Speaking at the launch of a new report called The Data Dialogue
by think tank Demos, Graham said that policies around the use of personal
data by companies and public sector organisations need to be
evidence-based...."
---------------------------------------------
http://computerworld.co.nz/news.nsf/news/information-commissioner-criticise…
*** Anonymous didn't steal from the FBI after all - new conspiracy theories
needed! ***
---------------------------------------------
"A techie named David Schuetz at security consultancy Intrepidus Group has
done something so obvious, so simple, and so tellingly useful, that I'm
going to go all out and call it a stroke of genius. A week ago, a person
called Anonymous published one-million-and-one stolen Apple device IDs.
(There's always room for numerological whimsy in hacking circles.) This
Anonymous person then blamed the FBI - crimes are always someone else's
fault if you're a hacker - by claiming that the data was stolen...
---------------------------------------------
http://nakedsecurity.sophos.com/2012/09/11/fbi-data-leak-of-apple-udids-cam…
*** Vuln: ISC DHCP IPv6 Lease Expiration Handling Denial of Service
Vulnerability ***
---------------------------------------------
ISC DHCP IPv6 Lease Expiration Handling Denial of Service Vulnerability
---------------------------------------------
http://www.securityfocus.com/bid/55530
*** Vuln: Novell GroupWise Internet Agent CVE-2012-0271 Remote Integer
Overflow Vulnerability ***
---------------------------------------------
Novell GroupWise Internet Agent CVE-2012-0271 Remote Integer Overflow
Vulnerability
---------------------------------------------
http://www.securityfocus.com/bid/55551
=======================
= End-of-Shift report =
=======================
Timeframe: Thursday 13-09-2012 18:00 - Friday 14-09-2012 18:00
Handler: Stephan Richter
*** The Tinba/Tinybanker Malware ***
---------------------------------------------
"Trend Micro and CSIS have released a joint white paper about the Tinba
information-stealing malware. The paper contains a thorough technical
analysis of the malware itself, as well as the architecture of its
infrastructure, and its ties to other illegal activities. What is Tinba?..."
---------------------------------------------
http://blog.trendmicro.com/?p=44994
*** Blackhole 2: Crimeware kit gets stealthier, Windows 8 support ***
---------------------------------------------
Malware-flinging tool to target mobiles too Cybercrooks have unveiled a new
version of the Blackhole exploit kit. Version 2 of Blackhole is expressly
designed to better avoid security defences. Support for Windows 8 and
mobile devices is another key feature, a sign of the changing target
platforms for malware-based cyberscams.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2012/09/13/blackhole_e…
*** Bugtraq: Fortigate UTM WAF Appliance - Multiple Web Vulnerabilities ***
---------------------------------------------
Fortigate UTM WAF Appliance - Multiple Web Vulnerabilities
---------------------------------------------
http://www.securityfocus.com/archive/1/524157
*** Over half of Android devices have unpatched holes ***
---------------------------------------------
Fix is up to your carrier, Google, mobo maker - just about everyone Duo
Security is claiming that "over half" of Android devices have unpatched
vulnerabilities.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2012/09/14/duo_says_an…
*** Analyzing Malicious RTF Files Using OfficeMalScanner's RTFScan, (Fri,
Sep 14th) ***
---------------------------------------------
Attackers have been using Rich Text Format (RTF) files to carry exploits
targeting vulnerabilities in Microsoft Office and other products. We
documented one such incident in June 2009. In a more recent example, the
CVE-2012-0158 vulnerability was present in Active X controls within
MSCOMCTL.OCX, which could be activated using Microsoft Office and other
applications. McAfee described one such exploit, which appeared in the wild
in April 2012: In the malicious RTF, a vulnerable OLE...
---------------------------------------------
http://isc.sans.edu/diary.html?storyid=14092&rss
*** Hole in SSL encryption hardly exploitable ***
---------------------------------------------
Experts have identified a problem with the SSL encryption commonly used on
the web that occurs when the content has been compressed beforehand.
Fortunately, the affected browser vendors have already responded.
---------------------------------------------
http://www.heise.de/security/meldung/Luecke-in-SSL-Verschluesselung-kaum-au…
*** Vuln: OpenSLP SLPIntersectStringList() Function Denial of Service
Vulnerability ***
---------------------------------------------
OpenSLP SLPIntersectStringList() Function Denial of Service Vulnerability
---------------------------------------------
http://www.securityfocus.com/bid/55540
*** [webapps] - Trend Micro InterScan Messaging Security Suite Stored XSS
and CSRF ***
---------------------------------------------
Trend Micro InterScan Messaging Security Suite Stored XSS and CSRF
---------------------------------------------
http://www.exploit-db.com/exploits/21319
=======================
= End-of-Shift report =
=======================
Timeframe: Thursday 13-09-2012 08:00 - Thursday 13-09-2012 18:00
Handler: Stephan Richter
Co-Handler: L. Aaron Kaplan
*** ICS-CERT Monthly Monitor for August 2012 ***
---------------------------------------------
"Internet facing medical devices may have a very similar security risk
profile to industrial control systems (ICSs). ICSs and medical devices are
valuable equipment, often critical to the viability of the system to which
they are attached. In each case, lives may depend on the devices
functioning correctly...."
---------------------------------------------
http://www.us-cert.gov/control_systems/pdf/ICS-CERT_Monthly_Monitor_August_…
*** Vuln: OpenStack Keystone Token Validation CVE-2012-4413 Security Bypass
Vulnerability ***
---------------------------------------------
OpenStack Keystone Token Validation CVE-2012-4413 Security Bypass Vulnerability
---------------------------------------------
http://www.securityfocus.com/bid/55524
*** Cyber Defence & Network Security Conference - 28-31 Jan, 2013 ***
---------------------------------------------
"As a quick background, this is the best-attended cyber defence and network
security conference held by Defence IQ - covered by BBC in both 2011 and
2012. This event combines high-level strategic briefings from 26+ senior
international military and cyber experts, combined with valuable and
intimate networking opportunities with heads of CERT, Systems Security,
Military IT, Counter Terrorism, Cyber Crime and Networks professionals...."
---------------------------------------------
http://www.cdans.org/redForms.aspx?id=821954&pdf_form=1
*** Security update released for ColdFusion 10 and earlier (APSB12-21) ***
---------------------------------------------
Today, a Security Bulletin (APSB12-21) has been posted in regards to a
security hotfix for Adobe ColdFusion 10 and earlier versions for Windows,
Macintosh and UNIX. Adobe recommends users update their product
installation using the instructions provided in the security bulletin. This
posting is provided AS IS with no warranties and confers no rights.
---------------------------------------------
http://blogs.adobe.com/psirt/2012/09/security-update-released-for-coldfusio…
*** Microsoft disrupts traffic associated with the Nitol botnet, (Thu, Sep
13th) ***
---------------------------------------------
There is an interesting article that was just published by Microsoft's
Digital Crimes Unit. Attackers have been infecting manufacturer supply
chains to spread their evil warez. Some unnamed manufacturers have been
selling products loaded with counterfeit versions of Windows software
embedded with harmful malware. The article goes on to say that the Malware
allows criminals to steal a person's personal information to access and
abuse their online services, including e-mail, social networking
---------------------------------------------
http://isc.sans.edu/diary.html?storyid=14086&rss
*** PHP 5.5 aims to curb password sloppiness ***
---------------------------------------------
http://www.heise.de/security/meldung/PHP-5-5-soll-Passwort-Schlamperei-eind…
=======================
= End-of-Shift report =
=======================
Timeframe: Tuesday 11-09-2012 18:05 - Wednesday 12-09-2012 18:00
Handler: Stephan Richter
Co-Handler: Christian Wojner
*** Bugtraq: ESA-2012-029: RSA BSAFE(r) SSL-C Multiple Vulnerabilities ***
---------------------------------------------
ESA-2012-029: RSA BSAFE(r) SSL-C Multiple Vulnerabilities
---------------------------------------------
http://www.securityfocus.com/archive/1/524142
*** Bugtraq: Multiple vulnerabilities in Ezylog photovoltaic management
server ***
---------------------------------------------
Multiple vulnerabilities in Ezylog photovoltaic management server
---------------------------------------------
http://www.securityfocus.com/archive/1/524140
*** Vuln: libguac Remote Buffer Overflow Vulnerability ***
---------------------------------------------
libguac Remote Buffer Overflow Vulnerability
---------------------------------------------
http://www.securityfocus.com/bid/55497
*** The geography of cybercrime: Western Europe and North America ***
---------------------------------------------
"The Internet knows no borders, but according to our data, cybercrime has
specific geographical features. In different parts of the world
cybercriminals launch different malicious programs, their attacks have
different priorities and they use different tricks to make money. This is
not just due to their physical location, but also due to the nature of the
countries where their potential victims are located...."
---------------------------------------------
http://www.securelist.com/en/analysis/204792244/The_geography_of_cybercrime…
*** Cosmo, the Hacker God Who Fell to Earth ***
---------------------------------------------
"Cosmo is huge - 6 foot 7 and 220 pounds the last time he was weighed, at a
detention facility in Long Beach, California on June 26. And yet he's
getting bigger, because Cosmo - also known as Cosmo the God, the
social-engineering mastermind who weaseled his way past security systems at
Amazon, Apple, AT&T, PayPal, AOL, Netflix, Network Solutions, and Microsoft
- is just 15 years old. He turns 16 next March, and he may very well do so
inside a prison cell...."
---------------------------------------------
http://www.wired.com/gadgetlab/2012/09/cosmo-the-god-who-fell-to-earth/
*** Inside your users' brains: Where they get security advice ***
---------------------------------------------
"IT professionals work hard to become experts in their field. They also
work hard protecting the infrastructure and users they're responsible for.
Unfortunately, not everyone has access to an IT expert...."
---------------------------------------------
http://www.techrepublic.com/blog/security/inside-your-users-brains-where-th…
*** Microsoft will now close Flash hole in IE10 after all ***
---------------------------------------------
After a hail of criticism, Microsoft now intends to update the Flash Player
built into its new Internet Explorer before the official release of
Windows 8 after all.
---------------------------------------------
http://www.heise.de/security/meldung/Microsoft-will-Flash-Luecke-im-IE10-nu…
*** Vuln: Dnsmasq Remote Denial of Service Vulnerability ***
---------------------------------------------
Dnsmasq Remote Denial of Service Vulnerability
---------------------------------------------
http://www.securityfocus.com/bid/54353
*** Cyber security strengthened at EU institutions ***
---------------------------------------------
"EU institutions have reinforced their fight against cyber threats by
establishing the EU's Computer Emergency Response Team, or CERT-EU, on a
permanent basis. This decision follows a successful one-year pilot for the
team, which drew positive assessments from clients and peers.
Vice-President Maros Sefcovic said: "The EU institutions, like any other
major organizations, are frequently the target of information security
incidents...."
---------------------------------------------
http://www.net-security.org/secworld.php?id=13580
*** Cyber Crime: The QR code: A new frontier in mobile attackability ***
---------------------------------------------
A single poisoned link is all it takes to expose an entire organization to
a full-scale attack. Hackers write sophisticated browser-based attacks that
operate quite stealthily. Now, they're going a...
---------------------------------------------
http://feedproxy.google.com/~r/HelpNetSecurity/~3/OL5fpFtGGvU/article.php
*** Visa's New End-to-End Encryption Service - P2P Encryption Program Aims
to Eliminate POS Card Risks ***
---------------------------------------------
"Visa's new end-to-end encryption service aims to eliminate payment card
data at the merchant level. Eduardo Perez of Visa's Risk Group discusses the
security value of this emerging solution. Visa's Merchant Data Secure with
Point-to-Point Encryption solution won't launch until 2013...."
---------------------------------------------
http://www.bankinfosecurity.com/interviews/visas-new-end-to-end-encryption-…