=======================
= End-of-Shift report =
=======================

Timeframe: Wednesday 29-04-2015 18:00 − Thursday 30-04-2015 18:00
Handler: Alexander Riepl
Co-Handler: n/a

*** MailChimp - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-101 ***
---------------------------------------------
The MailChimp Signup submodule does not properly sanitize some user input, allowing a malicious user to embed scripts within a page, resulting in a Cross-site Scripting (XSS) vulnerability.
---------------------------------------------
https://www.drupal.org/node/2480253

*** My Website Was Blacklisted By Google and Distributing Email Spam ***
---------------------------------------------
Being blacklisted is one of the worst things that can happen to a website. The public shame coming from every visitor being stopped by the Big Red Warning page can literally destroy ..
---------------------------------------------
https://blog.sucuri.net/2015/04/my-website-was-blacklisted-by-google-and-dis...

*** Cisco StarOS for Cisco ASR 5000 Series HTTP Packet Processing Denial of Service Vulnerability ***
---------------------------------------------
http://tools.cisco.com/security/center/viewAlert.x?alertId=38580

*** Bedep trojan malware spread by the Angler exploit kit gets political ***
---------------------------------------------
We recently observed what seems to be a group of cybercriminals helping spread pro-Russia messaging by artificially inflating video views and ratings on a popular video website. The ..
---------------------------------------------
https://www.trustwave.com/Resources/SpiderLabs-Blog/Bedep-trojan-malware-spr...

*** Cyber threat intelligence group links Russia to cyber espionage and attacks ***
---------------------------------------------
"Operation Armageddon," active since at least mid-2013, exposes a cyber espionage campaign devised to provide a military advantage to Russian leadership by targeting Ukrainian government, law enforcement, and military ..
---------------------------------------------
http://www.liveleak.com/view?i=b39_1430249732

*** WhatsApp examined: exemplary encryption largely useless ***
---------------------------------------------
To answer the question of how trustworthy the end-to-end encryption that WhatsApp has been using for several months is, c't took a close look at it: WhatsApp does use the right technology, but it still does not help much.
---------------------------------------------
http://heise.de/-2629081

*** Voiceprint: Voice recognition is the new face recognition ***
---------------------------------------------
Instead of using a password, bank customers can now identify themselves by voice over the phone. Acoustic biometric systems are being used in more and more companies. The danger: intelligence services and states can also access the technology.
---------------------------------------------
http://www.golem.de/news/voiceprint-stimmenerkennung-ist-die-neue-gesichtser...

*** Analysis of a MICROSOFT WORD INTRUDER sample: execution, check-in and payload delivery ***
---------------------------------------------
On April 1st FireEye released a report on 'MWI' and 'MWISTAT' which is a sort of exploit kit for Word Documents if you will: A New Word Document Exploit Kit In the article FireEye goes over MWI which is the short for 'Microsoft Word Intruder' coded ..
---------------------------------------------
http://blog.0x3a.com/post/117760824504/analysis-of-a-microsoft-word-intruder...

*** A Brief Look at DNS Zone Transfer for Alexia's Top 1M Domains ***
---------------------------------------------
The folks at Rapid7 have released another scan. This one is looking at Alexa's top 1 million domains for DNS servers which have allowed unauthenticated requests for Zone Transfer.
---------------------------------------------
http://atechdad.com/a-brief-look-at-dns-zone-transfer-for-alexias-top-1m-dom...

*** TA15-120A: Securing End-to-End Communications ***
---------------------------------------------
Securing end-to-end communications plays an important role in protecting privacy and preventing some forms of man-in-the-middle (MITM) attacks. Recently, researchers described a MITM attack used to inject code, ..
---------------------------------------------
https://www.us-cert.gov/ncas/alerts/TA15-119A-0

*** The BACKRONYM MySQL Vulnerability ***
---------------------------------------------
Earlier this year, I - along with some members of our DevOps team - noticed some interesting behavior in libmysqlclient and the MySQL CLI: no matter how hard we tried (no matter how many MYSQL_OPT_SSL_* options we set) we could not make the client enforce the use of SSL. If the server claimed not to support it, the ..
---------------------------------------------
https://www.duosecurity.com/blog/backronym-mysql-vulnerability