======================= = End-of-Shift report = =======================
Timeframe: Wednesday 01-06-2016 18:00 − Thursday 02-06-2016 18:00 Handler: Alexander Riepl Co-Handler: n/a
*** DSA-3591 imagemagick - security update *** --------------------------------------------- Bob Friesenhahn from the GraphicsMagick project discovered a command injection vulnerability in ImageMagick, a program suite for image manipulation. An attacker with control on input image or the input filename can execute arbitrary commands with the privileges of the user running the application. --------------------------------------------- https://www.debian.org/security/2016/dsa-3591
*** Lenovo advises users to remove a vulnerable support tool preinstalled on their systems *** --------------------------------------------- PC maker Lenovo is recommending that users remove an application preloaded on their computers because it contains a high-severity flaw that could allow attackers to take over their systems. The vulnerable tool is called .. --------------------------------------------- http://www.csoonline.com/article/3077935/security/lenovo-advises-users-to-re...
*** Opening hours - Moderately Critical - XSS - SA-CONTRIB-2016-031 *** --------------------------------------------- https://www.drupal.org/node/2738707
*** DSA-3592 nginx - security update *** --------------------------------------------- It was discovered that a NULL pointer dereference in the Nginx code responsible for saving client request bodies to a temporary file might result in denial of service: Malformed requests could crash worker processes. --------------------------------------------- https://www.debian.org/security/2016/dsa-3592
*** Researchers spot 35-fold increase in newly observed ransomware domains *** --------------------------------------------- A record 35-fold increase in newly observed ransomware domains compared to the fourth quarter of 2015 has been spotted by Infoblox researchers. --------------------------------------------- http://www.scmagazine.com/infoblox-researchers-spotted-a-huge-uptick-in-dns-...
*** Yahoo Publishes National Security Letters After FBI Drops Gag Orders *** --------------------------------------------- Yahoo just became the first company to disclose that it has received NSLs without having to go to court to do so. --------------------------------------------- http://www.wired.com/2016/06/yahoo-publishes-national-security-letters-fbi-d...
*** Docker Containers Logging *** --------------------------------------------- In a previous diary, Jim talked about forensic operations against Docker containers. To be able to perform investigations after an incident, we must have some .. --------------------------------------------- https://isc.sans.edu/diary.html?storyid=21121
*** Most Android virus scanners are insecure *** --------------------------------------------- AV software is actually supposed to protect the smartphone from malicious code. As researchers have now found, however, many virus hunters for Android themselves have glaring security flaws. --------------------------------------------- http://heise.de/-3225169
*** Trend Micro enterprise products multiple vulnerabilities *** --------------------------------------------- Multiple enterprise products provided by Trend Micro Incorporated contain multiple vulnerabilities. --------------------------------------------- http://jvn.jp/en/jp/JVN48847535/
*** Trend Micro Internet Security multiple vulnerabilities *** --------------------------------------------- Trend Micro Internet Security provided by Trend Micro Incorporated contains multiple vulnerabilities. --------------------------------------------- http://jvn.jp/en/jp/JVN48789425/
*** Mitnick Attack Reappears at GeekPwn Macau Contest *** --------------------------------------------- Cao Yue, a Ph.D. student from University of California, Riverside, delivered a stunning show at the GeekPwn 2016 Macau Contest on May 12 attended by top-caliber white hat hackers worldwide. Cao succeeded in remotely hijacking TCP connections at his random choice. --------------------------------------------- http://www.prnewswire.com/news-releases/mitnick-attack-reappears-at-geekpwn-...
*** Hacker Lexicon: What Is Fuzzing? *** --------------------------------------------- Sometimes hacking isn't about taking a program apart: It's about throwing random objects at it to see what breaks. --------------------------------------------- http://www.wired.com/2016/06/hacker-lexicon-fuzzing/
*** [2016-06-02] Multiple critical vulnerabilities in Ubee EVW3226 Advanced wireless voice gateway *** --------------------------------------------- The firmware for the cable modem Ubee EVW3226 contains multiple critical vulnerabilities, which can be exploited to gain full system-level access to the device. This allows for inspection, modification and redirection of traffic. --------------------------------------------- https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20160...
*** IRONGATE ICS Malware: Nothing to See Here...Masking Malicious Activity on SCADA Systems *** --------------------------------------------- https://www.fireeye.com/blog/threat-research/2016/06/irongate_ics_malware.ht...
*** TeamViewer users claim accounts hacked *** --------------------------------------------- TeamViewer is a remote desktop connection software that allows users to share screens and allow remote access from anywhere in the world. In the past 24 hours, many customers .. --------------------------------------------- http://www.inquisitr.com/3156809/teamviewer-accounts-hacked-users-claim/
*** Extortion emails threaten reputational damage via social media *** --------------------------------------------- Extortionists are exploiting the coverage of recent hacker attacks to send threatening emails in which they threaten victims with publishing sensitive information on their online accounts. --------------------------------------------- http://heise.de/-3225619
*** 93% Of Phishing Emails Are Now Ransomware *** --------------------------------------------- According to the latest data from security firm PhishMe, 93% of all phishing emails as of the end of March contained encryption ransomware. The numbers .. --------------------------------------------- https://tech.slashdot.org/story/16/06/02/1356241/93-of-phishing-emails-are-n...
*** How Russian cybercrime bosses crafted a ransomware empire out of an economic crisis *** --------------------------------------------- Amid a crashing ruble and shaken markets due to global sanctions over Russian president Vladimir Putin's .. --------------------------------------------- http://www.neowin.net/news/how-russian-cybercrime-bosses-crafted-a-ransomwar...
*** XSA-178 *** --------------------------------------------- http://xenbits.xen.org/xsa/advisory-178.html
*** XSA-175 *** --------------------------------------------- http://xenbits.xen.org/xsa/advisory-175.html