=======================
= End-of-Shift report =
=======================
Timeframe: Thursday 14-04-2016 18:00 − Friday 15-04-2016 18:00
Handler: Alexander Riepl
Co-Handler: n/a
*** Cisco Unified Computing System Platform Emulator Command Injection Vulnerability *** --------------------------------------------- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-s...
*** Cisco Unified Computing System Platform Emulator Filename Argument Handling Buffer Overflow Vulnerability *** --------------------------------------------- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-s...
*** Supposed Flash update installs unwanted Mac programs *** --------------------------------------------- Once again, an installer disguised as a Flash update is circulating that installs unwanted OS X programs. A developer certificate keeps the Gatekeeper protection feature quiet. --------------------------------------------- http://heise.de/-3174793
*** Bedep has raised its game vs Bot Zombies *** --------------------------------------------- http://malware.dontneedcoffee.com/2016/04/bedepantiVM.html
*** Xen hugetlbfs Support Lets Local Users on a Guest System Cause Denial of Service Conditions on the Guest System *** --------------------------------------------- http://www.securitytracker.com/id/1035569
*** Banking Trojans Nymaim, Gozi Merge to Steal $4M *** --------------------------------------------- 'Double-headed beast' Trojan, GozNym, drains $4 million from banks in past two weeks. --------------------------------------------- http://threatpost.com/banking-trojans-nymaim-gozi-merge-to-steal-4m/117412/
*** Ransomware authors use the bitcoin blockchain to deliver encryption keys *** --------------------------------------------- Ransomware authors are using the bitcoin blockchain, which serves as the cryptocurrency's public transaction ledger, to deliver decryption keys to victims. The technique, which removes the burden of maintaining a reliable website-based .. --------------------------------------------- http://www.cio.com/article/3056604/ransomware-authors-use-the-bitcoin-blockc...
*** VMSA-2016-0004 *** --------------------------------------------- VMware product updates address a critical security issue in the VMware Client Integration Plugin --------------------------------------------- http://www.vmware.com/security/advisories/VMSA-2016-0004.html
*** HTTP Public Key Pinning: How to do it right, (Thu, Apr 14th) *** --------------------------------------------- [Thanks to Felix aka @nexusnode for inspiring this post. Also, see his blog post [1] for more details] One of the underutilized security measures I mentioned recently was HTTP Public Key Pinning, or HPKP. First again, what is HPKP: HPKP adds a special header to the HTTP response. This header lists hashes .. --------------------------------------------- https://isc.sans.edu/diary.html?storyid=20943
*** Researchers Crack Microsoft and Google's Shortened URLs to Spy on People *** --------------------------------------------- They were even able to identify a young woman who'd sought Google Maps directions to a Planned Parenthood clinic. --------------------------------------------- http://www.wired.com/2016/04/researchers-cracked-microsoft-googles-shortened...
*** Russia sends exploit kit author to the GULAG for seven years *** --------------------------------------------- ♫ Mothers, don't let your babies grow up to be hackers ♫ The author of the infamous "Blackhole" exploit kit has been sentenced to seven years in a Russian penal colony, local media report. --------------------------------------------- www.theregister.co.uk/2016/04/15/blackhole_paunch_sentence/
*** OGH: Business owner himself to blame for "phishing" attack on his account *** --------------------------------------------- http://derstandard.at/2000034923248-406
*** AJAX Random Post <= 2.00 - Unauthenticated Reflected Cross-Site Scripting (XSS) *** --------------------------------------------- https://wpvulndb.com/vulnerabilities/8450
*** HDW WordPress Video Gallery <= 1.2 - Unauthenticated Reflected Cross-Site Scripting (XSS) *** --------------------------------------------- https://wpvulndb.com/vulnerabilities/8449
*** Blackberry: Canadian police have held central key since 2010 *** --------------------------------------------- Was used to read millions of BBM messages over the years --------------------------------------------- http://derstandard.at/2000034940341
*** Sierra Wireless ACEmanager Information Exposure Vulnerability *** --------------------------------------------- This advisory contains mitigation details for an exposure of sensitive information vulnerability in the Sierra Wireless ACEmanager application. --------------------------------------------- https://ics-cert.us-cert.gov/advisories/ICSA-16-105-01
*** Accuenergy Acuvim II Series AXM-NET Module Vulnerabilities *** --------------------------------------------- This advisory contains mitigation details for authentication bypass vulnerabilities in Accuenergy's Acuvim II Series AXM-NET module. --------------------------------------------- https://ics-cert.us-cert.gov/advisories/ICSA-16-105-02
*** Uninstall QuickTime on Windows - NOW! *** --------------------------------------------- Since two critical vulnerabilities exist in QuickTime for Windows and Apple no longer supports the application, .. --------------------------------------------- http://heise.de/-3175518