=======================
= End-of-Shift report =
=======================

Timeframe: Wednesday 15-04-2015 18:00 − Thursday 16-04-2015 18:00
Handler: Alexander Riepl
Co-Handler: Robert Waldner

*** Impacts of a Hack on a Magento Ecommerce Website ***
---------------------------------------------
Recently we wrote about the impacts of a hacked website and how it is important to give website visitors a safe online experience. In this post, I'll show you how a hacked website results in almost immediate loss of money. We are not talking about drive-by infections that can be prevented by using a good anti-virus, updated software, and extensions like NoScript. ... This time, we're talking about using legitimate sites that have absolutely no externally visible signs of compromise.
---------------------------------------------
https://blog.sucuri.net/2015/04/impacts-of-a-hack-on-a-magento-ecommerce-web...

*** Services - Critical - Multiple Vulnerabilities - SA-CONTRIB-2015-096 ***
---------------------------------------------
Advisory ID: DRUPAL-SA-CONTRIB-2015-096
Project: Services (third-party module)
Version: 7.x
Date: 2015-April-15
Security risk: 16/25 (Critical) AC:None/A:None/CI:Some/II:Some/E:Theoretical/TD:Uncommon
Vulnerability: Access bypass, Arbitrary PHP code execution
---------------------------------------------
https://www.drupal.org/node/2471879

*** Display Suite - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-095 ***
---------------------------------------------
Advisory ID: DRUPAL-SA-CONTRIB-2015-095
Project: Display Suite (third-party module)
Version: 7.x
Date: 2015-April-15
Security risk: 13/25 (Moderately Critical) AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:Default
Vulnerability: Cross Site Scripting
---------------------------------------------
https://www.drupal.org/node/2471733

*** The Delicate Art of Remote Checks - A Glance Into MS15-034 ***
---------------------------------------------
Recently, the research team posted a testing script for the MS15-034 vulnerability to pastebin for the greater community to test. We received some feedback about how exactly we figured out how to check, and remote checks in general.
---------------------------------------------
http://blog.beyondtrust.com/the-delicate-art-of-remote-checks-a-glance-into-...

*** Denial of Service Attacks Possible with OpenSSL Vulnerability CVE-2015-1787 ***
---------------------------------------------
On March 19 we wrote about how OpenSSL disclosed and fixed 13 vulnerabilities to address several security holes. Among the vulnerabilities addressed was CVE-2015-1787, which can result in a complete denial of service on an application compiled with the OpenSSL library. This blog post will tackle how the bug can be exploited ...
---------------------------------------------
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/Q6dMoVlcsE4/

*** Exploit kits (still) pushing Teslacrypt ransomware, (Thu, Apr 16th) ***
---------------------------------------------
Teslacrypt is a form of ransomware that was first noted in January of this year. This malware apparently targets video game-related files. I've seen Teslacrypt dropped by the Sweet Orange exploit kit (EK), and it's also been dropped by Nuclear EK. McAfee saw it dropped by Angler EK last month.
---------------------------------------------
https://isc.sans.edu/diary.html?storyid=19581&rss

*** New POS Malware Emerges - Punkey ***
---------------------------------------------
During a recent United States Secret Service investigation, Trustwave encountered a new family of POS malware, that we named Punkey. It appears to have evolved from the NewPOSthings family of malware first discovered by Dennis Schwarz and Dave Loftus at...
---------------------------------------------
https://www.trustwave.com/Resources/SpiderLabs-Blog/New-POS-Malware-Emerges-...

*** IBM puts its security database online ***
---------------------------------------------
IBM Security is making its IT security database available in the cloud on the sharing platform X-Force Exchange.
---------------------------------------------
http://heise.de/-2608795

*** crossdomain.xml : Beware of Wildcards ***
---------------------------------------------
This blog entry will describe a widespread Flash vulnerability that affected many big websites including paypal.com. The description will picture the state of the website paypal.com and ebay.com in 2013-2014. The vulnerabilities were completely fixed two weeks ago. Therefore, it is not possible to reproduce this vulnerability as-is.
---------------------------------------------
http://blog.h3xstream.com/2015/04/crossdomainxml-beware-of-wildcards.html

*** Cisco Secure Access Control Server Dashboard Page Cross-Site Request Forgery Vulnerability ***
http://tools.cisco.com/security/center/viewAlert.x?alertId=38403

*** Cisco Secure Desktop Cache Cleaner Command Execution Vulnerability ***
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-s...

*** Cisco IOS XR Software BVI Routed Packet Denial of Service Vulnerability ***
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-s...