[CERT-daily] Tageszusammenfassung - Montag 12-08-2013

Daily end-of-shift report team at cert.at
Mon Aug 12 18:01:28 CEST 2013


=======================
= End-of-Shift report =
=======================

Timeframe:   Freitag 09-08-2013 18:00 − Montag 12-08-2013 18:00
Handler:     Matthias Fraidl
Co-Handler:  n/a

*** BYOD Gives Vulnerable Devices Corporate Network Access ***
---------------------------------------------
A research report on mobile security reveals that while BYOD policies may increase employee productivity, they also increase the number of vulnerable devices connecting to corporate networks.
---------------------------------------------
http://threatpost.com/byod-gives-vulnerable-devices-corporate-network-access/101950




*** HP Switches? You may want to look at patching them. , (Fri, Aug 9th) ***
---------------------------------------------
A little over a week ago HP (Thanks for the link Ugo) put out a fix for an unspecified vulnerability on, as far as I can see, pretty much every switch device they produce. Both their Procurve as well as the 3COM ranges. CVE-2013-2341 CVSS Score of 7.1 and CVE-2013-2340 CVSS Score of 10  The first one requiring authentication, the second one none and both are remotely exploitable.
---------------------------------------------
http://isc.sans.edu/diary.html?storyid=16340&rss




*** Admins warned: Drill SSL knowledge into your Chrome users ***
---------------------------------------------
Google research finds whopping SSL click-through rates Admins of Chrome shops unite your users are dabbling with dodgy SSL, and you must teach them how to be safer online until Google updates its browser.
---------------------------------------------
http://www.theregister.co.uk/2013/08/10/chrome_ssl_clickthrough_report/



*** Android bug batters Bitcoin wallets ***
---------------------------------------------
subhead Users of Android Bitcoin apps have woken to the unpleasant news that an old pseudo random number generation bug has been exploited to steal balances from users wallets.
---------------------------------------------
http://www.theregister.co.uk/2013/08/12/android_bug_batters_bitcoin_wallets/




*** Maltego Tungsten as a collaborative attack platform ***
---------------------------------------------
Maltego has always been a strong favorite for pre-attack intelligence gathering - be that for social engineering, doxing or for infrastructure mapping. Indeed its earned its rightful place in the Kali Linux top 10 tools.
---------------------------------------------
https://media.blackhat.com/us-13/US-13-Temmingh-Maltego-Tungsten-as-a-Collaborative-Attack-Platform-WP.pdf




*** Newly launched managed `malware dropping´ service spotted in the wild ***
---------------------------------------------
By Dancho Danchev Among the most common misconceptions about the way a novice cybercriminal would approach his potential victims has to do with the practice of having him looking for a `seed´ population to infect, so that he can then use the initially infected users as platform to scale his campaign.
---------------------------------------------
http://blog.webroot.com/2013/08/12/newly-launched-managed-malware-dropping-service-spotted-in-the-wild/




*** Blog: Visit from an old friend: Counter.php ***
---------------------------------------------
Around one year ago I posted about what were the most common web attacks in Spain and how the malware was spread. It is time for an update!
---------------------------------------------
http://www.securelist.com/en/blog/9151/Visit_from_an_old_friend_Counter_php




*** New Attack Leverages Mobile Ad Network to Deliver Android Malware ***
---------------------------------------------
Ad networks have been a key component of the malware and cybercrime ecosystem for a long time and their role is becoming more and more complicated, as researchers from WhiteHat Security showed at Black Hat recently. That problem is now moving to the mobile Web, ...
---------------------------------------------
http://threatpost.com/new-attack-leverages-mobile-ad-network-to-deliver-android-malware/101956




*** Sicherheitsupdate für HP-Drucker der LaserJet-Pro-Reihe ***
---------------------------------------------
Hewlett Packard hat in zahlreichen seiner Laserdrucker eine Lücke geschlossen, durch die man ohne Authentifizierung an das Admin-Passwort kommt.
---------------------------------------------
http://www.heise.de/security/meldung/Sicherheitsupdate-fuer-HP-Drucker-der-LaserJet-Pro-Reihe-1934046.html




*** Simple Hack Threatens Outdated Joomla Sites ***
---------------------------------------------
If you run a site powered by the Joomla content management system and havent yet applied a critical update for this software released less than two weeks ago, please take a moment to do that: A trivial exploit could let users inject malicious content into your site, turning it into a phishing or malware trap for visitors.
---------------------------------------------
https://krebsonsecurity.com/2013/08/simple-hack-threatens-oudated-joomla-sites/




*** AnchorCMS 0.9.1 Stored XSS exploit ***
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013080092




*** ReviewBoard XSS Vulnerabilities ***
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013080093




*** Cacti Input Validation Flaw Lets Remote Users Inject SQL Commands ***
---------------------------------------------
http://www.securitytracker.com/id/1028893




*** Siemens COMOS CVE-2013-4943 privilege escalation ***
---------------------------------------------
http://xforce.iss.net/xforce/xfdb/86330




*** Ruby on Rails Known Secret Session Cookie Remote Code Execution ***
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013080098




*** HTCSyncManagerUpdate DLL Hijacking ***
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013080095




*** Sybase EAServer XXE Injection ***
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013080099


More information about the Daily mailing list