======================= = End-of-Shift report = =======================

Timeframe: Dienstag 06-05-2014 18:00 − Mittwoch 07-05-2014 18:00 Handler: L. Aaron Kaplan Co-Handler: Stephan Richter

*** TLS 1.3 Working Group Has Consensus to Deprectate RSA Key Transport *** --------------------------------------------- RSA key transport cipher suites could be deprecated in TLS 1.3 in favor of Diffie-Hellman Exchange or Elliptic curve Diffie-Hellman. --------------------------------------------- http://threatpost.com/tls-1-3-working-group-has-consensus-to-deprectate-rsa-...

*** Antivirus is Dead: Long Live Antivirus! *** --------------------------------------------- An article in The Wall Street Journal this week quoted executives from antivirus pioneer Symantec uttering words that would have been industry heresy a few years ago, declaring antivirus software "dead" and stating that the company is focusing on developing technologies that attack online threats from a different angle. This hardly comes as news for anyone in the security industry whos been paying attention over the past few years, but Im writing about it because this is a great --------------------------------------------- http://feedproxy.google.com/~r/KrebsOnSecurity/~3/INOFThmd17Q/

*** Sicherheit im Fokus der Linuxwochen in Wien *** --------------------------------------------- Von 8. bis 10. Mai finden auf der FH Technikum Wien zahlreiche Vorträge und Workshops zu Linux, Open Data und Open Source statt. --------------------------------------------- http://futurezone.at/digital-life/sicherheit-im-fokus-der-linuxwochen-in-wie...

*** Video: NEXT Berlin *** --------------------------------------------- Mikko spoke at NEXT Berlin yesterday:And the video is now online: Arms Race. [24m15s] On 06/05/14 At 12:31 PM --------------------------------------------- http://www.f-secure.com/weblog/archives/00002701.html

*** Erpressungstrojaner drohen Android-Nutzern *** --------------------------------------------- Sicherheitsforscher haben den ersten Trojaner entdeckt, der Android-Geräte befällt und von seinen Opfern Lösegeld erpresst. Der Schadcode mit dem Namen Koler.A befällt bereits Smartphones weltweit. --------------------------------------------- http://www.heise.de/security/meldung/Erpressungstrojaner-drohen-Android-Nutz...

*** Security: Gegen die Angst vor Angriffen aufs Smartphone *** --------------------------------------------- Für das Re:publica-Publikum haben die Sicherheitsexperten Linus Neumann und Ben Schlabs ein paar Tipps parat, wie Smartphones gesichert werden können. Und sie zeigen, wie Siri als Einbruchhelfer missbraucht werden kann. --------------------------------------------- http://www.golem.de/news/security-gegen-die-angst-vor-angriffen-aufs-smartph...

*** Hintergrund: SSL-Fuzzing mit "Frankencerts" *** --------------------------------------------- Durch das Zusammenstückeln von Tausenden von echten SSL-Zertifikaten zu über acht Millionen "Frankencerts" haben Forscher Lücken in gängigen SSL-Bibliotheken gefunden. --------------------------------------------- http://www.heise.de/security/artikel/SSL-Fuzzing-mit-Frankencerts-2166135.ht...

*** New DNS Spoofing Technique: Why we havent covered it., (Wed, May 7th) *** --------------------------------------------- The last couple of days, a lot of readers sent us links to articles proclaiming yet another new flaw in DNS. "Critical Vulnerability in BIND Software Puts DNS Protocol Security At Risk" [1] claimed one article, going forward to state: "The students have found a way to compel DNS servers to connect with a specific server controlled by the attacker that could respond with a false IP address. “ So how bad is this really? First of all, here is a the --------------------------------------------- http://isc.sans.edu/diary.html?storyid=18079&rss

*** OpenBSD-Entwickler bezweifeln angebliche OpenSSH-Schwachstelle *** --------------------------------------------- Der Exploit soll so schlimm wie der SSL-GAU Heartbleed sein und die wichtige Unix-Bibliothek OpenSSH betreffen. Allerdings sagen viele Entwickler, dass die Lücke wahrscheinlich nicht existiert. --------------------------------------------- http://www.heise.de/security/meldung/OpenBSD-Entwickler-bezweifeln-angeblich...

*** Advanced Evasion Techniques (AET) a Major Concern for CIOs *** --------------------------------------------- According to a new Vanson Bourne study sponsored by McAfee, CIOs are adding yet another threat to their ever-growing list of network security concerns: Advanced Evasion Techniques, or AETs. Unlike Advanced Persistent Threats (APTs) and other advanced malware, Advanced Evasion Techniques are not types of malicious software. Rather, they are a technique used by threat [...]The post Advanced Evasion Techniques (AET) a Major Concern for CIOs appeared first on Seculert Blog on Advanced Threats and --------------------------------------------- http://www.seculert.com/blog/2014/05/advanced-evasion-techniques-aet-a-major...

*** ABB Relion 650 Series OpenSSL Vulnerability *** --------------------------------------------- ABB has identified an OpenSSL vulnerability in its Relion 650 series application. ABB is in the process of creating a patch that mitigates this vulnerability. This vulnerability could be exploited remotely. Exploits that target this vulnerability are known to be publicly available. --------------------------------------------- http://ics-cert.us-cert.gov/advisories/ICSA-14-126-01

*** Security Advisory- BootRom Menu and Boot Menu Vulnerabilities on Huawei Campus Switches *** --------------------------------------------- Some versions of Huawei Campus S7700/S9300/S9700 switches are affected by the BootRom and Boot Menu vulnerability. --------------------------------------------- http://www.huawei.com/en/security/psirt/security-bulletins/security-advisori...

*** VU#902790: Fortinet Fortiweb 5.1 contains a cross-site request forgery vulnerability *** --------------------------------------------- Vulnerability Note VU#902790 Fortinet Fortiweb 5.1 contains a cross-site request forgery vulnerability Original Release date: 07 May 2014 | Last revised: 07 May 2014 Overview Fortinet Fortiweb prior to version 5.2.0 do not sufficiently verify whether a valid request was intentionally provided by the user, which results in a cross-site request forgery (CSRF) vulnerability. (CWE-352) Description CWE-352: Cross-Site Request Forgery (CSRF)Fortinet Fortiweb prior to version 5.2.0 do not... --------------------------------------------- http://www.kb.cert.org/vuls/id/902790

*** HPSBMU02994 rev.4 - HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL, Remote Disclosure of Information *** --------------------------------------------- A potential security vulnerability has been identified in HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL. This is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. --------------------------------------------- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n...