[CERT-daily] Daily summary - Tuesday 4-09-2012

Otmar Lendl lendl at cert.at
Mon Sep 17 15:17:54 CEST 2012


=======================
= End-of-Shift report =
=======================
Timeframe:   Monday 03-09-2012 18:00 - Tuesday 04-09-2012 18:00
Handler:     Stephan Richter
Co-Handler:  Robert Waldner




*** Google security warning turns out to be a trojan ***
---------------------------------------------
http://www.heise.de/security/meldung/Google-Sicherheitswarnung-entpuppt-sich-als-Trojaner-1698071.html/from/atom10




*** Xen-Based Secure OS Qubes Hits 1.0 ***
---------------------------------------------
Orome1 writes "Joanna Rutkowska, CEO of Invisible Things Lab, today
released version 1.0 of Qubes, a stable and reasonably secure desktop
OS. It is the most secure option among the existing desktop operating
systems - even more secure than Apple's iOS, which puts each application
into its own sandbox and does not count on the user to make security
decisions. Qubes will offer users the option of using disposable virtual
machines for executing tasks they believe could harm their
---------------------------------------------
http://rss.slashdot.org/~r/Slashdot/slashdot/~3/QFOuSOQL9zE/xen-based-secure-os-qubes-hits-10




*** Exposed Terminal Services Remains High Frequency Threat ***
---------------------------------------------
"Quickly reviewing the HITME data gathered from our global deployment of
HoneyPoint continues to show that exposed Terminal Services (RDP) on
port 3389 remains a high frequency threat. In terms of general contact
with the attack surface of an exposed Terminal Server connection, direct
probes and attacker interaction is seen on an average approximately two
times per hour. Given that metric, an organization who is using exposed
Terminal Services for remote access or management/support, may
---------------------------------------------
http://www.infosecisland.com/blogview/22273-Exposed-Terminal-Services-Remains-High-Frequency-Threat.html




*** Is it time to knock infected PCs off the internet? ***
---------------------------------------------
"Malware could block your access to the internet but in some cases by
those on the right side of the security fence, who are deploying tactics
such as blocked ports, letters in the mail and PCs quarantined from the
net to combat the most damaging threats. Last year, authorities led by
the FBI arrested the criminals behind the DNSChanger operation, taking
over their servers. The malware changed victims' DNS settings, and
unplugging the servers would have cut off the four million infected PCs
---------------------------------------------
http://www.pcpro.co.uk/news/security/376696/is-it-time-to-knock-infected-pcs-off-the-internet




*** Hack - AntiSec cracks FBI laptop - and "finds" 12 million
Apple records ***
---------------------------------------------
Including username, phone number and address - 1 million UDIDs published
as proof - via Java vulnerability
---------------------------------------------
http://text.derstandard.at/1345166057287/AntiSec-knackt-FBI-Laptop---findet-12-Mio-Datensaetze-von-iPhone-NutzerInnen





*** Browser plug-in and website warn about data harvesting by Facebook
apps ***
---------------------------------------------
"Secure.me has developed a website and a browser plug-in designed to
make Facebook users aware of the personal information that gets
harvested by third-party applications. The App Advisor Security Network
website has profiles on more than 500,000 third-party Facebook
applications that describe the user data they collect, what actions they
can take and whether they are considered unsafe...."
---------------------------------------------
http://news.techworld.com/security/3379011/browser-plug-in-website-warn-about-data-harvesting-by-facebook-apps/?olo=rss




*** IFA 2012 - Samsung blackmails bloggers and slides into PR debacle ***
---------------------------------------------
Nokia steps in and comes to the rescue
---------------------------------------------
http://derstandard.at/1345166104259/Samsung-erpresst-Blogger-und-schlittert-in-mediales-Debakel




*** [webapps] - Splunk <= 4.3.3 Arbitrary File Read ***
---------------------------------------------
Splunk <= 4.3.3 Arbitrary File Read
---------------------------------------------
http://www.exploit-db.com/exploits/21053




*** [webapps] - Group Office Calendar (calendar/json.php) SQL Injection ***
---------------------------------------------
Group Office Calendar (calendar/json.php) SQL Injection
---------------------------------------------
http://www.exploit-db.com/exploits/21056




