[CERT-daily] Tageszusammenfassung - Freitag 22-02-2013

Fri Feb 22 18:06:12 CET 2013

=======================
= End-of-Shift report =
=======================

Timeframe:   Donnerstag 21-02-2013 18:00 − Freitag 22-02-2013 18:00
Handler:     Stephan Richter
Co-Handler:  Christian Wojner


*** Bugtraq: [security bulletin] HPSBMU02836 SSRT101056 rev.1 - HP ArcSight Connector Appliance and ArcSight Logger, Remote Disclosure of Information, Command Injection, Cross-Site Scripting (XSS) ***
---------------------------------------------
http://www.securityfocus.com/archive/1/525764


*** Vuln: Multiple OpenStack Products Information Disclosure and Denial of Service Vulnerabilities ***
---------------------------------------------
http://www.securityfocus.com/bid/58022


*** Why You Shouldnt Use the OWASP Top 10 as a List of Software Security Requirements ***
---------------------------------------------
On February 15, the Open Web Application Security Project (OWASP) came out with its 2013 list of candidates for the Top 10 web application security flaws. This list is available here and open for public comment - the final Top 10 list will come out in April or May. If its anything like previous years, OWASP Top 10 2013 will become the de facto yardstick that organizations use to test if their applications are secure. This is at least partially because the Payment Card Industry Data...
---------------------------------------------
http://www.infosecisland.com/blogview/22951-Why-You-Shouldnt-Use-the-OWASP-Top-10-as-a-List-of-Software-Security-Requirements.html


*** libxml2 and expat internal and external XML entity expansion ***
---------------------------------------------
Topic: libxml2 and expat internal and external XML entity expansion Risk: High Text: So here are the CVEs for the two big ones, libxml2 and expat. Both are affected by the expansion of internal entities (which ...
---------------------------------------------
http://feedproxy.google.com/~r/securityalert_database/~3/v1lpK84nIpw/WLB-2013020159


*** VMware releases new and updated security advisories, (Fri, Feb 22nd) ***
---------------------------------------------
VMware has released the following new and updated security advisories:  New:  VMSA-2013-0003 http://www.vmware.com/security/advisories/VMSA-2013-0003.html  Updated:  VMSA-2012-0018 http://www.vmware.com/security/advisories/VMSA-2012-0018.html  VMSA-2013-0001 http://www.vmware.com/security/advisories/VMSA-2013-0001.html    Chris Mohan --- Internet Storm Center Handler on Duty (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
---------------------------------------------
http://isc.sans.edu/diary.html?storyid=15244&rss


*** SSHD rootkit in the wild, (Thu, Feb 21st) ***
---------------------------------------------
There are a lot of discussions at the moment about a SSHD rootkit hitting mainly RPM based Linux distributions.  Thanks to our reader unSpawn, we received a bunch of samples of the rootkit. The rootkit is actually a trojanized library that links with SSHD and does *a lot* of nasty things to the system.  At this point in time we still do not know what the initial attack vector is it is unknown how the attackers get root access on the compromised servers that is needed to change the legitimate...
---------------------------------------------
http://isc.sans.edu/diary.html?storyid=15229&rss


*** Risk Factory: Lets Get Physical ***
---------------------------------------------
"Security issues associated with the Internet of hings (IoT)..."
---------------------------------------------
http://www.slideshare.net/RichardHollis/risk-factory-lets-get-physical


*** Employees May Be a Companys Greatest Cybersecurity Vulnerability ***
---------------------------------------------
Apple Inc, disclosed a cyber attack Tuesday, which started when employees visited a website for software developers and inadvertently picked up malicious software that infected their computers. Similarly, Facebook announced last week that malware got onto employee laptops after some employees visited a compromised developer website. And in a recent report about hackers infiltrating systems at The New York Times, investigators came to suspect that employees opened malicious links or...
---------------------------------------------
http://www.law.com/corporatecounsel/PubArticleCC.jsp?id=1202588933863&Employees_May_Be_a_Companys_Greatest_Cybersecurity_Vulnerability&slreturn=20130122051244


*** Hidden security threats on enterprise networks ***
---------------------------------------------
Check Point uncovered the major security risks and threats that impact organizations worldwide. Their new report examines the leading security threats, the risky web applications that compromise network security, and incidences of unintentional loss of data caused by employees. The report is based on research from 888 companies worldwide, and gives insight into the network security events that actually occurred within organizations during 2012, and the security risks that companies are...
---------------------------------------------
http://www.net-security.org/secworld.php?id=14465


*** EU cyber laws should target IT suppliers security negligence ***
---------------------------------------------
"Cyber security has made its ultimate mainstream breakthrough. This week, a relatively minor hack targeted at Apple not only made the BBC 10 Oclock News, but warranted a lengthy studio discussion between presenter Sophie Raworth and a BBC security correspondent. Attacks of varying sophistication and impact are becoming a near daily occurrence - and they are only the ones we hear about...."
---------------------------------------------
http://www.computerweekly.com/blogs/editors-blog/2013/02/eu-cyber-laws-should-target-it.html


*** Zertifizierter Online-Banking-Trojaner ***
---------------------------------------------
Der AV-Hersteller Eset hat eine Reihe von Trojanern entdeckt, die mit einem gültigen Zertifikat signiert waren. Das hat der Zertifikatsherausgeber DigiCert ausgestellt – und zwar einer Firma, die es schon lang nicht mehr gibt.
---------------------------------------------
http://rss.feedsportal.com/c/32407/f/463925/s/28d8d768/l/0L0Sheise0Bde0Csecurity0Cmeldung0CZertifizierter0EOnline0EBanking0ETrojaner0E180A82610Bhtml0Cfrom0Crss0A9/story01.htm


*** Protect your computer from hackers & viruses(Infographic) ***
---------------------------------------------
http://blog.botrevolt.com/