[CERT-daily] Tageszusammenfassung - Mittwoch 3-10-2012

Daily end-of-shift report team at cert.at
Wed Oct 3 18:00:33 CEST 2012


=======================
= End-of-Shift report =
=======================
Timeframe:   Dienstag 02-10-2012 18:00 − Mittwoch 03-10-2012 18:00
Handler:     Matthias Fraidl
Co-Handler:  Otmar Lendl

*** SHA-3 Winner Announced ***
---------------------------------------------
An anonymous reader writes "The National Institute of Standards and Technology (NIST) has just announced the winner of the SHA-3 competition: Keccak, created by Guido Bertoni, Joan Daemen and Gilles Van Assche of STMicroelectronics and Michaël Peeters of NXP Semiconductors. Keccak has the added advantage of not being vulnerable in the same ways SHA-2 might be, says NIST computer security expert Tim Polk. An attack that could work on SHA-2 most likely would not work on Keccak because
---------------------------------------------
http://rss.slashdot.org/~r/Slashdot/slashdot/~3/eoZNXkbqy3w/sha-3-winner-announced




*** Twitter account hijacking exposes easy-to-exploit security flaw ***
---------------------------------------------
"The hijacking of the Twitter account that belongs to user Daniel Dennis Jones and his subsequent investigation into the matter has revealed a Twitter security weakness that makes it easy for hackers to do the same to all users that employ short and uninventive passwords, reports BuzzFeed. Over the weekend Jones - an early Twitter adopter who managed to snag himself the @blanket Twitter account - was unpleasantly surprised when he received an email from Twitter telling him his password had
---------------------------------------------
http://www.net-security.org/secworld.php?id=13708




*** Handshakes Professional 4.1 SQL Injection ***
---------------------------------------------
Topic: Handshakes Professional 4.1 SQL Injection Risk: Medium Text:HTTPCS Advisory : HTTPCS70 Product : Handshakes Professional Version : 4.1 Date : 2012-10-01 Criticality level : Highly Cri...
---------------------------------------------
http://feedproxy.google.com/~r/securityalert_database/~3/AGsJ6_RuY30/WLB-2012100024




*** Microsoft Reaches Settlement with Site Linked to Nitol Botnet ***
---------------------------------------------
"Microsoft announced today its reached a settlement with the operator of a Chinese Web site whose domain and sub-domains hosted more than 500 kinds of malware, including the Nitol botnet found on brand new computers. In a lawsuit filed two weeks ago by the software giant, Microsoft alleged the domain 3322. org hosted Nitol, which was found being preloaded onto computers during an investigation into supply chain security last August...."
---------------------------------------------
http://threatpost.com/en_us/blogs/microsoft-reaches-settlement-site-linked-nitol-botnet-100212




*** Sicherheit - Iran: Cyberattacken kappen Internetzugang ***
---------------------------------------------
Infrastruktur wurden mit mehreren Gigabyte pro Sekunde bombardiert
---------------------------------------------
http://derstandard.at/1348284881692/Iran-Cyberattacken-kappen-Internetzugang






More information about the Daily mailing list