=======================
= End-of-Shift report =
=======================

Timeframe: Tuesday 20-10-2015 18:00 − Wednesday 21-10-2015 18:00
Handler: Alexander Riepl
Co-Handler: n/a

*** VMSA-2015-0003.13 ***
---------------------------------------------
http://www.vmware.com/security/advisories/VMSA-2015-0003.html

*** APPLE-SA-2015-10-20-1 OS X: Flash Player plug-in blocked ***
---------------------------------------------
Due to security issues in older versions, Apple has updated the web plug-in blocking mechanism to disable all versions prior to Flash Player 19.0.0.226 and 18.0.0.255.
---------------------------------------------
http://prod.lists.apple.com/archives/security-announce/2015/Oct/msg00001.htm...

*** VMSA-2015-0007.2 ***
---------------------------------------------
http://www.vmware.com/security/advisories/VMSA-2015-0007.html

*** Oracle Linux Bulletin - October 2015 ***
---------------------------------------------
Oracle Linux Bulletin - October 2015
---------------------------------------------
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-27196...

*** New Headaches: How The Pawn Storm Zero-Day Evaded Java's Click-to-Play Protection ***
---------------------------------------------
Several months ago, we disclosed that Pawn Storm was using a then-undiscovered zero-day Java vulnerability to carry out its attacks. At the time, we noted that a separate vulnerability was used to bypass the click-to-play protection that is in use by Java. This second vulnerability has now been ..
---------------------------------------------
http://blog.trendmicro.com/trendlabs-security-intelligence/new-headaches-how...

*** Multiple vulnerabilities in SAP products ***
---------------------------------------------
http://www.zerodayinitiative.com/advisories/ZDI-15-532/
http://www.zerodayinitiative.com/advisories/ZDI-15-531/
http://www.zerodayinitiative.com/advisories/ZDI-15-530/
http://www.zerodayinitiative.com/advisories/ZDI-15-529/
http://www.zerodayinitiative.com/advisories/ZDI-15-528/
http://www.zerodayinitiative.com/advisories/ZDI-15-527/
http://www.zerodayinitiative.com/advisories/ZDI-15-526/

*** G DATA Malware Report - January - June 2015 ***
---------------------------------------------
The G Data SecurityLabs published the Malware Report for the first half of 2015. Here are the most important findings.
---------------------------------------------
https://blog.gdatasoftware.com/blog/article/g-data-malware-report-january-ju...

*** EMET: To be, or not to be, A Server-Based Protection Mechanism ***
---------------------------------------------
Hi Folks - Platforms PFE Dan Cuomo here to discuss a common question seen in the field: 'My customer is deploying EMET and would like to know if it is supported on Server Operating Systems.' On the surface there is a simple answer to this question, ..
---------------------------------------------
http://blogs.technet.com/b/srd/archive/2015/10/20/emet-to-be-or-not-to-be-a-...

*** Hack.lu 2015 Wrap-Up Day #1 ***
---------------------------------------------
Today started the 11th edition of hack.lu in Luxembourg. Being one of my preferred events, I drove to Luxembourg this morning direction to the Alvisse Parc hotel! The first day started with a security breakfast and a round ..
---------------------------------------------
https://blog.rootshell.be/2015/10/20/hack-lu-2015-wrap-up-day-1/

*** Flash, Java Patches Fix Critical Holes ***
---------------------------------------------
Adobe has issued a patch to fix a zero-day vulnerability in its Flash Player software. Separately, Oracle today released an update to plug more than two-dozen flaws in its Java software. Both programs plug directly into the browser and are ..
---------------------------------------------
http://krebsonsecurity.com/2015/10/flash-java-patches-fix-critical-holes/

*** Online banking: New attacks on mTAN ***
---------------------------------------------
Fraudsters have once again found a method to capture customers' data during online banking and to circumvent the mTAN system.
---------------------------------------------
http://heise.de/-2851624

*** Microsoft launches bug bounty program for .NET Core and ASP.NET ***
---------------------------------------------
Until 20 January 2016, developers can report security vulnerabilities in the betas of CoreCLR and ASP.NET 5 as part of the program. Good proposed fixes are worth up to 15,000 US dollars to Microsoft.
---------------------------------------------
http://heise.de/-2851587

*** Gwolle Guestbook <= 1.5.3 - Remote File Inclusion (RFI) ***
---------------------------------------------
https://wpvulndb.com/vulnerabilities/8218

*** High-Tech Bridge launches free PCI and NIST compliant SSL test ***
---------------------------------------------
High-Tech Bridge is pleased to announce availability of its new online service to test SSL/TLS server security and configuration for compliance with NIST and PCI DSS.
---------------------------------------------
https://www.htbridge.com/news/high-tech-bridge-launches-free-pci-and-nist-co...

*** Metadata leak: 1Password changes file format ***
---------------------------------------------
Users of the "1Password Anywhere" sync feature may have left a list of the websites they use on the net. A new file format for the password vault is meant to remedy this.
---------------------------------------------
http://heise.de/-2851618

*** IniNet Solutions embeddedWebServer Cleartext Storage Vulnerability ***
---------------------------------------------
This advisory provides mitigation details for a cleartext storage of sensitive information vulnerability in the IniNet Solutions GmbH embeddedWebServer.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-15-293-01

*** IniNet Solutions SCADA Web Server Vulnerabilities ***
---------------------------------------------
This advisory provides mitigation details for three vulnerabilities in the IniNet Solutions GmbH SCADA Web Server.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-15-293-02

*** 3S CODESYS Gateway Null Pointer Exception Vulnerability ***
---------------------------------------------
This advisory provides mitigation details for a null pointer exception vulnerability in the 3S-Smart Software Solutions GmbH CODESYS Gateway Server.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-15-293-03

*** Attacks on Magento shops via already known vulnerabilities ***
---------------------------------------------
The current attacks on thousands of Magento websites apparently take place via vulnerabilities for which patches already exist. In addition, sites that do not use Magento at all are also being attacked.
---------------------------------------------
http://heise.de/-2851842

*** Hacking Challenge: Staatsdruckerei seeks IT talent ***
---------------------------------------------
The Österreichische Staatsdruckerei is holding a hacking challenge at the career fair of the Campus Hagenberg of FH OÖ with the aim of finding young IT talent.
---------------------------------------------
http://futurezone.at/digital-life/hacking-challenge-staatsdruckerei-sucht-it...

*** Kampagnen Malvertising Campaign Goes After German Users ***
---------------------------------------------
Malvertising targets German users via carefully crafted attack to dupe ad networks...
---------------------------------------------
https://blog.malwarebytes.org/malvertising-2/2015/10/kampagnen-malvertising-...

*** Trend Micro buys Tipping Point ***
---------------------------------------------
With Tipping Point, the antivirus vendor also absorbs the Zero Day Initiative (ZDI) and the Digital Vaccine Labs. Tipping Point, previously part of HP, is also known, among other things, as a sponsor of the Pwn2Own events.
---------------------------------------------
http://heise.de/-2851848