[CERT-daily] Daily summary - Thursday 28-02-2013

Daily end-of-shift report team at cert.at
Thu Feb 28 18:04:32 CET 2013


=======================
= End-of-Shift report =
=======================
Timeframe:   Wednesday 27-02-2013 18:00 − Thursday 28-02-2013 18:00
Handler:     Matthias Fraidl
Co-Handler:  Robert Waldner

*** Kelihos botnet switched off - live on stage ***
---------------------------------------------
During a presentation, a security researcher poisoned the communication channels of the Viagra spam botnet Kelihos live, de facto shutting down the zombie network.
---------------------------------------------
http://rss.feedsportal.com/c/32407/f/463925/s/29084f8e/l/0L0Sheise0Bde0Csecurity0Cmeldung0CKelihos0EBotnet0Eausgeknipst0ELive0Eon0Estage0E18128840Bhtml0Cfrom0Crss0A9/story01.htm




*** Hacking Victim Bit9 Blames SQL Injection Flaw ***
---------------------------------------------
"Bit9 said a common Web application vulnerability was responsible for allowing hackers to ironically use the security vendor's systems as a launch pad for attacks on other organizations. Based in Waltham, Massachusetts, the company sells a security platform that is designed in part to stop hackers from installing their own malicious software. In an embarrassing admission, Bit9 said earlier this month that it neglected to install its own software on a part of its network, which led to the
---------------------------------------------
http://www.cio.com/article/729401/Hacking_Victim_Bit9_Blames_SQL_Injection_Flaw





*** cPanel: Reset your root passwords! Hackers broke into our system ***
---------------------------------------------
"Website administration firm cPanel has told The Reg that one of its proxy servers was hacked, potentially exposing customers' administrator-level passwords. cPanel discovered that one of its systems, used to handle technical support tickets, was infiltrated nearly a week ago. The biz, which provides tools for managing Unix-powered websites, has urged anyone who contacted its help-desk within the last six months to change their root passwords - a credential requested in new support
---------------------------------------------
http://www.theregister.co.uk/2013/02/27/cpanel_support_server_hacked/




*** Joomla! 3.0.2 PHP Object Injection ***
---------------------------------------------
Topic: Joomla! 3.0.2 PHP Object Injection
Risk: Medium
Text: - Joomla!
---------------------------------------------
http://feedproxy.google.com/~r/securityalert_database/~3/q-jzkZbxx84/WLB-2013020211




*** Drupal Creative Theme 7.x Cross Site Scripting ***
---------------------------------------------
Topic: Drupal Creative Theme 7.x Cross Site Scripting
Risk: Low
Text: View online: https://drupal.org/node/1929474
* Advisory ID: DRUPAL-SA-CONTRIB-2013-024
* Project: Creative Theme [1] (t...
---------------------------------------------
http://feedproxy.google.com/~r/securityalert_database/~3/SebLduXdSsE/WLB-2013020206




*** 'MiniDuke' malware takes aim at Euro governments via Adobe ***
---------------------------------------------
A new attack is targeting European governments through flaws exploited
in Adobe's Reader software, according to security researchers.
---------------------------------------------
http://news.cnet.com/8301-1009_3-57571571-83/miniduke-malware-takes-aim-at-euro-governments-via-adobe/




*** German Customers of PayPal, ING-DiBa Asked by Scammers to Update Accounts ***
---------------------------------------------
In a brand new phishing campaign targeting Germans, scammers set their
eyes on identification data of PayPal and ING customers in Germany.
---------------------------------------------
http://www.hotforsecurity.com/blog/german-customers-of-paypal-ing-diba-asked-by-scammers-to-update-accounts-5503.html




*** Moscow's speed cameras knackered by MYSTERY malware ***
---------------------------------------------
Infection spread from cops to traffic gear - report
Malware has infected a Russian police computer network, knackering speed cameras in and around Moscow, according to reports.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2013/02/28/malware_hobbles_moscow_speed_cams/




*** Vuln: Todd Miller Sudo CVE-2013-1775 Local Authentication Bypass Vulnerability ***
---------------------------------------------
Todd Miller Sudo CVE-2013-1775 Local Authentication Bypass Vulnerability
---------------------------------------------
http://www.securityfocus.com/bid/58203




*** Vuln: Todd Miller Sudo CVE-2013-1776 Local Security Bypass Vulnerability ***
---------------------------------------------
Todd Miller Sudo CVE-2013-1776 Local Security Bypass Vulnerability
---------------------------------------------
http://www.securityfocus.com/bid/58207

