=======================
= End-of-Shift report =
=======================

Timeframe: Thursday 13-09-2012 18:00 - Friday 14-09-2012 18:00
Handler: Stephan Richter

*** The Tinba/Tinybanker Malware ***
---------------------------------------------
"Trend Micro and CSIS have released a joint white paper about the Tinba information-stealing malware. The paper contains a thorough technical analysis of the malware itself, as well as the architecture of its infrastructure, and its ties to other illegal activities. What is Tinba?..."
---------------------------------------------
http://blog.trendmicro.com/?p=44994

*** Blackhole 2: Crimeware kit gets stealthier, Windows 8 support ***
---------------------------------------------
Malware-flinging tool to target mobiles too

Cybercrooks have unveiled a new version of the Blackhole exploit kit. Version 2 of Blackhole is expressly designed to better avoid security defences. Support for Windows 8 and mobile devices is another key feature, a sign of the changing target platforms for malware-based cyberscams.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2012/09/13/blackhole_ex...

*** Bugtraq: Fortigate UTM WAF Appliance - Multiple Web Vulnerabilities ***
---------------------------------------------
Fortigate UTM WAF Appliance - Multiple Web Vulnerabilities
---------------------------------------------
http://www.securityfocus.com/archive/1/524157

*** Over half of Android devices have unpatched holes ***
---------------------------------------------
Fix is up to your carrier, Google, mobo maker - just about everyone

Duo Security is claiming that "over half" of Android devices have unpatched vulnerabilities.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2012/09/14/duo_says_and...

*** Analyzing Malicious RTF Files Using OfficeMalScanner's RTFScan, (Fri, Sep 14th) ***
---------------------------------------------
Attackers have been using Rich Text Format (RTF) files to carry exploits targeting vulnerabilities in Microsoft Office and other products. We documented one such incident in June 2009. In a more recent example, the CVE-2012-0158 vulnerability was present in Active X controls within MSCOMCTL.OCX, which could be activated using Microsoft Office and other applications. McAfee described one such exploit, which appeared in the wild in April 2012: In the malicious RTF, a vulnerable OLE...
---------------------------------------------
http://isc.sans.edu/diary.html?storyid=14092&rss

*** Flaw in SSL encryption hardly exploitable ***
---------------------------------------------
Experts have identified a problem in the SSL encryption commonly used on the web that occurs when the content has been compressed beforehand. Fortunately, the affected browser vendors have already responded.
---------------------------------------------
http://www.heise.de/security/meldung/Luecke-in-SSL-Verschluesselung-kaum-aus...

*** Vuln: OpenSLP SLPIntersectStringList() Function Denial of Service Vulnerability ***
---------------------------------------------
OpenSLP SLPIntersectStringList() Function Denial of Service Vulnerability
---------------------------------------------
http://www.securityfocus.com/bid/55540

*** [webapps] - Trend Micro InterScan Messaging Security Suite Stored XSS and CSRF ***
---------------------------------------------
Trend Micro InterScan Messaging Security Suite Stored XSS and CSRF
---------------------------------------------
http://www.exploit-db.com/exploits/21319