[CERT-daily] Tageszusammenfassung - Freitag 16-08-2013
Daily end-of-shift report
team at cert.at
Fri Aug 16 17:59:14 CEST 2013
=======================
= End-of-Shift report =
=======================
Timeframe: Mittwoch 14-08-2013 18:00 − Freitag 16-08-2013 18:00
Handler: Matthias Fraidl
Co-Handler: n/a
*** Microsoft Starts Countdown on Eliminating MD5 ***
---------------------------------------------
Microsoft has given customers six months to find MD5 installations and prepare for a February 2014 patch that will block the broken algorithm.
---------------------------------------------
http://threatpost.com/microsoft-starts-countdown-on-eliminating-md5/101994
*** Microsoft Pulls Back Critical Exchange Server 2013 Patch ***
---------------------------------------------
Microsoft has pulled back MS13-061, a critical patch released yesterday for Exchange Server 2013 because it breaks indexing on the messaging server.
---------------------------------------------
http://threatpost.com/microsoft-pulls-back-critical-exchange-server-2013-patch/101999
*** Hackers targeting servers running Apache Struts applications, researchers say ***
---------------------------------------------
A tool for exploiting known Struts vulnerabilities is available on Chinese hacker forums, Trend Micro researchers said
---------------------------------------------
http://www.csoonline.com/article/738134/hackers-targeting-servers-running-apache-struts-applications-researchers-say?source=rss_application_security
*** Androids Verschlüsselung angreifbar ***
---------------------------------------------
Eine Schwachstelle in Androids Crypto-Bibliotheken betrifft möglicherweise hunderttausende Android-Anwendungen. Der Fehler sorgt für schwache Zufallszahlen und wurde von Kriminellen bereits für den Diebstahl von Bitcoins genutzt.
---------------------------------------------
http://www.heise.de/security/meldung/Androids-Verschluesselung-angreifbar-1936181.html
*** Personalized Exploit Kit Targets Researchers ***
---------------------------------------------
As documented time and again on this blog, cybercrooks are often sloppy or lazy enough to leave behind important clues about who and where they are. But from time to time, cheeky crooks will dream up a trap designed to look like theyre being sloppy when in fact theyre trying to trick security researchers into being sloppy and infecting their computers with malware.
---------------------------------------------
https://krebsonsecurity.com/2013/08/personalized-exploit-kit-targets-researchers/
*** Verbreitung von Android-Malware nimmt deutlich zu, aber ... ***
---------------------------------------------
Die Antivirenfirma Kaspersky hat im zweiten Quartal dieses Jahren doppelt so viele neue Android-Schädlinge gesichtet wie im gleichen Quartal des Vorjahres. Anlass zur Panik ist das allerdings nicht.
---------------------------------------------
http://www.heise.de/security/meldung/Verbreitung-von-Android-Malware-nimmt-deutlich-zu-aber-1936570.html
*** Targeted Attacks Delivering Fruit ***
---------------------------------------------
Political news has always been one of the top topics used in targeted attacks. Last week we came across unique malicious emails targeting high-profile companies in Europe and Asia (in sectors such as finance, mining, telecom, and government). The payload is an updated version of a Java remote access tool (RAT) detected as Backdoor.Opsiness, also known as Frutas RAT.
---------------------------------------------
http://www.symantec.com/connect/blogs/targeted-attacks-delivering-fruit
*** Researchers figure out how to hack tens of thousands of servers ***
---------------------------------------------
Security researchers at the University of Michigan have found a potentially devastating security vulnerability that afflicts at least 40,000 servers on the Internet. The researchers say the flaw could allow hackers to compromise certain servers manufactured by Supermicro from anywhere on the Internet. Tens of thousands of servers produced by other vendors could also be at risk.
---------------------------------------------
http://www.washingtonpost.com/blogs/the-switch/wp/2013/08/14/researchers-figure-out-how-to-hack-tens-of-thousands-of-servers/
*** Hintergrund: Remote-Shell für die SD-Karte ***
---------------------------------------------
Kaum etwas ist zu klein, um gehackt zu werden: Einem Blogger ist es gelungen, Root-Zugriff auf das Embedded-System einer WLAN-fähigen Speicherkarte zu erlangen.
---------------------------------------------
http://www.heise.de/security/artikel/Remote-Shell-fuer-die-SD-Karte-1933994.html
*** Drupal Entity API Module Two Security Bypass Security Issues ***
---------------------------------------------
https://secunia.com/advisories/54481
*** Vuln: Dovecot LIST Command Denial of Service Vulnerability ***
---------------------------------------------
http://www.securityfocus.com/bid/61763
*** Drupal 7.22 / 6.28 Cross Site Scripting ***
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013080126
*** Joomla Media Manager File Upload Vulnerability ***
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013080120
*** TYPO3 File Upload Flaw Lets Remote Authenticated Users Execute Arbitrary PHP Code ***
---------------------------------------------
http://www.securitytracker.com/id/1028919
*** Bugtraq: Open-Xchange Security Advisory 2013-08-16 ***
---------------------------------------------
http://www.securityfocus.com/archive/1/528046
*** Bugtraq: Update: Linksys EA2700, EA3500, E4200v2, EA4500 Unspecified unauthenticated remote access ***
---------------------------------------------
http://www.securityfocus.com/archive/1/528045
*** Puppet "resource_type" Service Vulnerability ***
---------------------------------------------
https://secunia.com/advisories/54564
More information about the Daily
mailing list