=======================
= End-of-Shift report =
=======================

Timeframe: Wednesday 10-07-2013 18:00 − Thursday 11-07-2013 18:00
Handler: Matthias Fraidl
Co-Handler: Christian Wojner

*** Strange ransomware title pushes surveys, knows Close Encounters tune ***
---------------------------------------------
If your PC's CD tray opens and you hear the iconic, five-note tune from the movie Close Encounters of the Third Kind, it's probably not a visit from aliens. Chances are it's a newly discovered piece of malware with some highly unusual characteristics.
---------------------------------------------
http://arstechnica.com/security/2013/07/strange-ransomware-title-pushes-surv...

*** Google Fixes 17 Flaws in Chrome 28 ***
---------------------------------------------
Google has fixed more than 15 vulnerabilities in Chrome and paid out nearly $35,000 in rewards to security researchers for reporting the bugs. One researcher earned an unusually large reward of $21,500 for a series of vulnerabilities he reported in Chrome.
---------------------------------------------
http://threatpost.com/google-fixes-17-flaws-in-chrome-28/101240

*** How elite security ninjas choose and safeguard their passwords ***
---------------------------------------------
If you felt a twinge of angst after reading Ars' May feature that showed how password crackers ransack even long passwords such as "qeadzcwrsfxv1331", you weren't alone. The upshot was clear: If long passwords containing numbers, symbols, and upper- and lower-case letters are this easy to break, what are users to do?
---------------------------------------------
http://arstechnica.com/security/2013/07/how-elite-security-ninjas-choose-and...

*** Is it Time to Add Vulnerability Wednesday? ***
---------------------------------------------
By now, you've likely seen Google's announcement that they now support a seven-day timeline for disclosure of critical vulnerabilities. Our CTO Raimund Genes believes that seven days is pretty aggressive and that rushing patches often leads to painful collateral damage.
---------------------------------------------
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/Kakh3BWekwY/

*** Drupal TinyBox 7.x Cross Site Scripting ***
---------------------------------------------
Topic: Drupal TinyBox 7.x Cross Site Scripting
Risk: Low
Text: View online: https://drupal.org/node/2038807
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013070081

*** nginx 1.3.9 / 1.4.0 x86 Brute Force Proof Of Concept ***
---------------------------------------------
Topic: nginx 1.3.9 / 1.4.0 x86 Brute Force Proof Of Concept
Risk: Medium
Text: nginx 1.3.9/1.4.0 x86 brute force remote exploit
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013070087

*** Adobe Reader 11.0.03 Insecure Third Party Components ***
---------------------------------------------
Topic: Adobe Reader 11.0.03 Insecure Third Party Components
Risk: High
Text: Hi @ll, the current Adobe Reader 11.0.03 installs the following VULNERABLE (3rd party)
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013070086

*** Avira update blocks browsers and e-mail clients ***
---------------------------------------------
An update to Avira Internet Security is causing problems. Internet access is blocked; however, the version upgrade does not appear to be related to the problems.
---------------------------------------------
http://www.heise.de/security/meldung/Avira-Update-blockiert-Browser-und-E-Ma...

*** Debian Security Advisory DSA-2719 poppler ***
---------------------------------------------
several vulnerabilities
---------------------------------------------
http://www.debian.org/security/2013/dsa-2719

*** D-Link must also secure network cameras ***
---------------------------------------------
D-Link's IP cameras are also vulnerable via UPnP. A whole batch of firmware updates is now supposed to change that.
---------------------------------------------
http://www.heise.de/security/meldung/D-Link-muss-auch-Netzwerkkameras-absich...

*** Attackers Targeting MS13-055 IE Vulnerability ***
---------------------------------------------
Attackers are using an Internet Explorer vulnerability, which Microsoft patched yesterday, in targeted attacks that also employ a malicious Flash file installed through a drive-by download launched by compromised Web pages. The exploit that's being used is capable of bypassing both ASLR and DEP.
---------------------------------------------
http://threatpost.com/attackers-targeting-ms13-055-ie-vulnerability/101253

*** New commercially available mass FTP-based proxy-supporting doorway/malicious script uploading application spotted in the wild ***
---------------------------------------------
For many years now, cybercriminals have been efficiently abusing both legitimate compromised and automatically registered FTP accounts (using CAPTCHA outsourcing) in an attempt to monetize the process by uploading cybercrime-friendly 'doorways' or plain simple malicious scripts to be used later on in their campaigns.
---------------------------------------------
http://blog.webroot.com/2013/07/11/new-commercially-available-mass-ftp-based...

*** Bugtraq: Facebook Url Redirection Vuln. ***
---------------------------------------------
By obtaining a user-specific hash value, an attacker redirects the user to a malicious website without asking for verification. The hash value can be found from the link that the user sends to his/her wall. After clicking on the user's link, by setting BurpSuite Proxy, the attacker intercepts the parameters in the methods.
---------------------------------------------
http://www.securityfocus.com/archive/1/527194