=======================
= End-of-Shift report =
=======================

Timeframe: Tuesday 14-02-2017 18:00 − Wednesday 15-02-2017 18:00
Handler: Alexander Riepl
Co-Handler: n/a

*** Amnesty International uncovers phishing campaign against human rights activists ***
---------------------------------------------
Attacker targeted groups in Qatar, Nepal using extensive fake social media profile.
---------------------------------------------
https://arstechnica.com/security/2017/02/amnesty-international-uncovers-phis...

*** Siemens SIMATIC Authentication Bypass ***
---------------------------------------------
This advisory contains mitigation details for an authentication bypass in Siemens SIMATIC.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-17-045-03

*** Attacking the Windows NVIDIA Driver ***
---------------------------------------------
Modern graphic drivers are complicated and provide a large promising attack surface for EoPs and sandbox escapes from processes that have access to the GPU (e.g. the Chrome GPU process). In this blog post we’ll take a look at attacking the ..
---------------------------------------------
http://googleprojectzero.blogspot.com/2017/02/attacking-windows-nvidia-drive...

*** Ransomware: a declining nuisance or an evolving menace? ***
---------------------------------------------
The volume of ransomware encounters is on a downward trend. Are we seeing the beginning of the end of this vicious threat? Unfortunately, a look at the attack vectors, the number of ..
---------------------------------------------
https://blogs.technet.microsoft.com/mmpc/2017/02/14/ransomware-2016-threat-l...

*** New ASLR-busting JavaScript is about to make drive-by exploits much nastier ***
---------------------------------------------
A property found in virtually all modern CPUs neuters decade-old security protection.
---------------------------------------------
https://arstechnica.com/security/2017/02/new-aslr-busting-javascript-is-abou...

*** Adobe Patch Day: Flash Player in critical condition, as usual ***
---------------------------------------------
Critical vulnerabilities gape in Flash Player and Adobe Digital Editions. At present it is mainly Windows users who are at risk from the Flash vulnerabilities. Adobe Campaign also receives security updates.
---------------------------------------------
https://heise.de/-3626386

*** Researchers Discover Self-Healing Malware That Targets Magento Stores ***
---------------------------------------------
Dutch malware experts have found a new malware strain that targets online shops running on the Magento platform, ..
---------------------------------------------
https://www.bleepingcomputer.com/news/security/researchers-discover-self-hea...

*** Cisco: Two VPN vulnerabilities and one flaw that officially isn't one ***
---------------------------------------------
Cisco has patched security vulnerabilities in the AnyConnect VPN and on its ASA firewalls. However, the company does not see a security problem with the SMI protocol, which allows new operating system images to be loaded onto switches remotely.
---------------------------------------------
https://heise.de/-3627330

*** Are Windows Registry Fixers Safe? ***
---------------------------------------------
Before I got into cybersecurity, I spent years as a technical support agent for Windows end users of Windstream, an American ISP. Although Windstream is an ISP, they also offered a general Windows client OS remote support service for their predominantly ..
---------------------------------------------
https://www.alienvault.com/blogs/security-essentials/should-windows-users-be...

*** Xagent: Russian hacker group also relies on Mac spyware ***
---------------------------------------------
A version of the Xagent malware targeting macOS apparently comes from the hacker group APT28, which has been linked to the attack on the Democratic Party during the US election campaign. Xagent is said to steal iPhone backups, among other things.
---------------------------------------------
https://heise.de/-3627630

*** Researchers trick CEO email scammer into giving up identity ***
---------------------------------------------
Businesses targeted in email scams don’t always have to play the victim. They can actually fight back. Researchers at Dell SecureWorks have documented how they identified a ..
---------------------------------------------
http://www.cio.com/article/3170117/security/researchers-trick-ceo-email-scam...