=======================
= End-of-Shift report =
=======================
Timeframe: Wednesday 29-05-2013 18:00 − Friday 31-05-2013 18:00
Handler: Matthias Fraidl
Co-Handler: Otmar Lendl
*** Carna Botnet Analysis Renders Scary Numbers on Vulnerable Devices ***
---------------------------------------------
An analysis of the data rendered by the Carna botnet reveals a shocking number of vulnerable devices reachable online with default credentials.
---------------------------------------------
http://threatpost.com/carna-botnet-analysis-renders-scary-numbers-on-vulnera...
*** PayPal vulnerability finally closed ***
---------------------------------------------
The payment processor took almost two weeks to close a critical hole. For five days of that time, PayPal users were exposed to a high risk of attack.
---------------------------------------------
http://www.heise.de/newsticker/meldung/PayPal-Schwachstelle-endlich-geschlos...
*** Zavio IP Cameras multiple vulnerabilities ***
---------------------------------------------
Zavio IP Cameras default account
Zavio IP Cameras command execution
---------------------------------------------
http://xforce.iss.net/xforce/xfdb/84568
http://xforce.iss.net/xforce/xfdb/84569
*** Debian Security Advisory DSA-2697 gnutls26 ***
---------------------------------------------
out-of-bounds array read
---------------------------------------------
http://www.debian.org/security/2013/dsa-2697
*** Apache servers attackable via log files ***
---------------------------------------------
A security hole in Apache lets attackers place commands in the log that are executed as soon as the admin opens the file.
---------------------------------------------
http://www.heise.de/security/meldung/Apache-Server-durch-Log-Files-angreifba...
*** RSA Authentication Manager Information Disclosure and PostgreSQL Vulnerabilities ***
---------------------------------------------
RSA Authentication Manager Information Disclosure and PostgreSQL Vulnerabilities
---------------------------------------------
https://secunia.com/advisories/53641
*** Siemens SCALANCE Privilege Escalation Vulnerabilities ***
---------------------------------------------
---------------------------------------------
http://ics-cert.us-cert.gov/advisories/ICSA-13-149-01
*** P2P botnets much larger than assumed ***
---------------------------------------------
Using infiltrated sensors, an international team of researchers has measured large botnets with peer-to-peer infrastructure. In some cases they found more than forty times as many infected systems as with conventional counting methods.
---------------------------------------------
http://www.heise.de/newsticker/meldung/P2P-Botnetze-viel-groesser-als-vermut...
*** Monkey HTTPD 1.1.1 Denial of Service Vulnerability ***
---------------------------------------------
Topic: Monkey HTTPD 1.1.1 Denial of Service Vulnerability Risk: Low Text: Title: Monkey HTTPD 1.1.1 - Denial of Service Vulnerability Date: == 2013-05-28 References: == http://bugs...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013050217
*** Mobile Device Security: The Problems of Remotely Disabling Stolen Phones ***
---------------------------------------------
The problem of mobile device theft has become sufficiently severe that legislators have decided to file bills discussing it. Last week, US Senator Charles Schumer re-filed Mobile Device Theft Deterrence Act of 2013, which makes modifying a device's International Mobile Equipment Identity (IMEI) number a crime punishable by up to five years in federal prison.
---------------------------------------------
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/FxukunuZ9f0/
*** iCloud users take note: Apple two-step protection won't protect your data ***
---------------------------------------------
Limitations could leave users open to the type of hack that hit Wired's Matt Honan.
---------------------------------------------
http://feeds.arstechnica.com/~r/arstechnica/security/~3/VFgQ6tJje98/
*** Weekly Update: The Nginx Exploit and Continuous Testing ***
---------------------------------------------
Weekly Update: The Nginx Exploit and Continuous Testing
---------------------------------------------
https://community.rapid7.com/community/metasploit/blog/2013/05/30/weekly-upd...
*** Ruckus SSH Server Tunneling Issue ***
---------------------------------------------
Topic: Ruckus SSH Server Tunneling Issue
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013050219
*** Vuln: Cisco Nexus 1000 Series Switches NX-OS CVE-2013-1209 Remote Authentication Bypass Vulnerability ***
---------------------------------------------
Cisco Nexus 1000 Series Switches NX-OS CVE-2013-1209 Remote Authentication Bypass Vulnerability
---------------------------------------------
http://www.securityfocus.com/bid/60224
*** VMware Security Advisory VMSA-2013-0007 ***
---------------------------------------------
VMware ESX third party update for Service Console package sudo
---------------------------------------------
https://www.vmware.com/support/support-resources/advisories/VMSA-2013-0007.h...
*** Phishing and infected spam - fraud almost without a flaw ***
---------------------------------------------
New week, new curiosities. This week we pulled two interesting e-mail fraud attempts out of the magic hat that is the Internet. They include a perfectly designed Mastercard phishing page and trojan mails in the name of the companies Otto and Görtz.
---------------------------------------------
http://www.heise.de/security/meldung/Phishing-und-verseuchter-Spam-Betrug-fa...