[CERT-daily] Tageszusammenfassung - Freitag 14-12-2012

Daily end-of-shift report team at cert.at
Fri Dec 14 18:00:39 CET 2012


=======================
= End-of-Shift report =
=======================
Timeframe:   Donnerstag 13-12-2012 18:00 − Freitag 14-12-2012 18:00
Handler:     Christian Wojner
Co-Handler:  n/a




*** Internet Explorer rats out the mouse - Update ***
---------------------------------------------
"Company Spider. io warns that Internet Explorer allows a users mouse position to be determined even if the mouse cursor is located outside of the browser window or the browser window isnt being displayed at all either because it is minimised or the user has switched to view another tab or window. This is potentially dangerous because it enables web pages to intercept sensitive data that is being entered via virtual keyboards and virtual keypads, say the researchers...."
---------------------------------------------
http://www.h-online.com/security/news/item/Internet-Explorer-rats-out-the-mouse-Update-1767877.html




*** Bugtraq: Addressbook v8.1.24.1 Group Name XSS ***
---------------------------------------------
Addressbook v8.1.24.1 Group Name XSS
---------------------------------------------
http://www.securityfocus.com/archive/1/525027




*** New Trojan attempts SMS fraud on OS X users ***
---------------------------------------------
"The Russian security firm Dr. Web has uncovered another malware attempt on OS X systems that tries to exploit users with SMS fraud. The new malware is a Trojan horse, dubbed "Trojan. SMSSend...."
---------------------------------------------
http://news.cnet.com/8301-1009_3-57558780-83/new-trojan-attempts-sms-fraud-on-os-x-users/

*** Apple updates OS X malware definitions for new fake-installer/SMS trojan ***
---------------------------------------------
"MacRumors noted today that Apple is utilizing the automatic daily checks for malware definitions it implemented last year to block an OS X trojan horse discovered earlier this week. The trojan was originally detailed in a blog post on Dr. Web. Known as TrojanSMSSend...."
---------------------------------------------
http://9to5mac.com/2012/12/13/apple-updates-os-x-malware-definitions-for-new-fake-installersms-trojan/




*** Backdoor Found at NDIS Level ***
---------------------------------------------
"It is one thing to have a piece of malware that can focus on targeted attacks, but it is quite another to have it also be nearly invisible. That is just what a variant of the Exforel backdoor malware, VirTool:WinNT/Exforel. A, is able to do, said researchers at Microsofts Malware Protection Center...."
---------------------------------------------
http://www.isssource.com/backdoor-found-at-ndis-level/




*** New Attacks from Gameover Gang ***
---------------------------------------------
"Millions of emails, which pose as coming from major U.S. banks, are spamming out, according to Dell SecureWorks Counter Threat Unit. The fake but convincing-looking emails appeal to a more security-minded banking customer: You have received a new encrypted message or a secure message from [XYZ] Bank, one of the email campaigns said, noting the bank has set up a secure email exchange for its customers as a way to allay privacy and security concerns. The message includes an infected
---------------------------------------------
http://www.isssource.com/new-attacks-from-gameover-gang/




*** Yet another eavesdrop vulnerability in Cisco phones ***
---------------------------------------------
Security groundhog day A university student presenting at the Amphion Forum has demonstrated turning a Cisco VoIP phone into a listening device, even when it's on the hook.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2012/12/13/cisco_voip_phones_vulnerable/




*** Dexter malware targets point of sale systems worldwide ***
---------------------------------------------
"You could be getting more than you bargained for when you swipe your credit card this holiday shopping season, thanks to new malware that can skim credit card info from compromised point-of-sale (POS) systems. First spotted by security firm Seculert, the malware dubbed "Dexter" is believed to have infected hundreds of POS systems in 40 countries worldwide in recent months. Companies targeted include retailers, hotel chains, restaurants, and private parking providers...."
---------------------------------------------
http://www.theregister.co.uk/2012/12/14/dexter_malware_targets_pos_systems/




*** Top 7 security predictions for 2013 ***
---------------------------------------------
"A seismic shift in who controls the Internet? Another Mac malware outbreak? Your smart TV being highjacked for a DDoS attack?..."
---------------------------------------------
http://www.net-security.org/secworld.php?id=14120




*** [DNB] Joomla, WordPress Sites Hit by IFrame Injection Attacks ***
---------------------------------------------
'....Users of the popular Joomla content management system are being
urged by security experts to upgrade to the latest version after
reports of exploits being used to compromise websites built on the
platform......'
---------------------------------------------
https://threatpost.com/en_us/blogs/joomla-wordpress-sites-hit-iframe-injection-attacks-121212





More information about the Daily mailing list