[CERT-daily] Tageszusammenfassung - Dienstag 22-01-2013
Daily end-of-shift report
team at cert.at
Tue Jan 22 23:34:47 CET 2013
=======================
= End-of-Shift report =
=======================
Timeframe: Montag 21-01-2013 23:28 − Dienstag 22-01-2013 23:28
Handler: L. Aaron Kaplan
Co-Handler: Christian Wojner
*** Vuln: libTIFF TIFF Image CVE-2012-2088 Buffer Overflow Vulnerability ***
---------------------------------------------
libTIFF TIFF Image CVE-2012-2088 Buffer Overflow Vulnerability
---------------------------------------------
http://www.securityfocus.com/bid/54270
*** First Google wants to know all about you, now it wants a RING on your finger ***
---------------------------------------------
For those whove always wanted to give the web giant the finger Top Google bods are mulling over using cryptographic finger-ring gadgets and other ways for users to securely log into websites and other services.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2013/01/21/google_password_alternative/
*** Linksys WRT54GL CSRF Attacke ***
---------------------------------------------
Linksys WRT54GL CSRF Attacke21. Jänner 2013Wir bitten um Beachtung folgender CSRF Attacke gegen den allseits beliebten und weit verbreiteten Linksys WRT54GL:http://www.securityfocus.com/archive/1/525368/30/0/threadedWir haben in Oesterreich derzeit laut Shodan mindestens 1065 betroffene Linksysen, die direkt via Internet ansprechbar sind (also mit Admin Interface auf einer public IP). Der WRT54GL ist ein Dauerrenner bei WLAN Routern und durchaus weit verbreitet. (quelle:
---------------------------------------------
http://www.cert.at/services/blog/20130121222847-705.html
*** The LulzSec Press Twitter Account Hacked And Exposed By Indonesian Hacker Hmei7 ***
---------------------------------------------
"Indonesian hacker going by the name of Hmei7 published a document on pastebin,exposing @TheLulzSecPress, by stating they they have been stealing others hack. The document has been well organised,giving an introduction section followed by Hacking Incidents analysis,where comparison was made between original hacks of some genuine hackers and the stolen hacks by thelulzsecpress. A total of 5 issues were compared which hmei7 has been naming as FAIL NO...."
---------------------------------------------
http://riduan-anonymous.blogspot.in/2013/01/the-lulzsec-press-twitter-account.html
*** [SECURITY] [DSA 2611-1] movabletype-opensource security update ***
Debian Security Advisory DSA-2611-1 security at debian.org
http://www.debian.org/security/ Yves-Alexis Perez
January 22, 2013 http://www.debian.org/security/faq
*** Operation Red October Attackers Wielded Spear Phishing ***
---------------------------------------------
"The Red October malware network is one of the most advanced online espionage operations thats ever been discovered. Thats the conclusion of Moscow-based security firm Kaspersky Lab, which first discovered Operation Red October--"Rocra" for short--in October 2012."The primary focus of this campaign targets countries in Eastern Europe, former USSR republics, and countries in Central Asia, although victims can be found everywhere, including Western Europe and North
---------------------------------------------
http://www.informationweek.com/security/attacks/operation-red-october-attackers-wielded/240146621
*** DHS: Industrial control systems subject to 200 attacks in 2012 ***
---------------------------------------------
"A DHS report released last week revealed that industrial control systems, which are used to monitor and control critical infrastructure facilities, were hit with 198 documented cyberattacks in 2012, and that many of these attacks were serious. Forty percent of those attacks were on energy firms, according to the Industrial Control Systems (ICS) and Cyber Emergency Response Team (CERT), which reviewed every incident. Water utilities came in second, with 15 percent of the attacks focused on
---------------------------------------------
http://www.homelandsecuritynewswire.com/dr20130114-dhs-industrial-control-systems-subject-to-200-attacks-in-2012
*** Google bezahlt für Daten-Traffic an Orange ***
---------------------------------------------
Der französische Mobilfunkbetreiber Orange hat mit Google einen Vertrag darüber geschlossen, wonach Google für den Transport der Daten des Video-Portals YouTube zahlt. Das französische Regierung will mit Google zudem über eine "Internet-Steuer" für die Sammlung persönlicher Daten verhandeln.
---------------------------------------------
http://futurezone.at/b2b/13616-google-bezahlt-fuer-daten-traffic-an-orange.php?rss=fuzo
*** Vuln: Cisco VPN Client for Windows CVE-2012-5429 Local Denial of Service Vulnerability ***
---------------------------------------------
Cisco VPN Client for Windows CVE-2012-5429 Local Denial of Service Vulnerability
---------------------------------------------
http://www.securityfocus.com/bid/57483
*** Spent Fuel Pool ***
---------------------------------------------
Spent Fuel Pool What if I took a swim in a typical spent nuclear fuel pool? Would I need to dive to actually experience a fatal amount of radiation? How long could I stay safely at the surface? Assuming you're a reasonably good swimmer, you could probably survive treading water anywhere from 10 to 40 hours. At that point, you would black out from fatigue and drown. This is also true for a pool without nuclear fuel in the bottom.Spent fuel from nuclear
---------------------------------------------
http://what-if.xkcd.com/29/
*** iOS 6 jailbreak nearly there, say iPhone hackers ***
---------------------------------------------
"Two iPhone hackers hinted theyre making progress towards developing a new jailbreak for the latest version of Apples mobile operating system. One of the hackers, who goes by "@pod2g" on Twitter, said yesterday that they found two "new vulnerabilities in a day," but whats missing is an "initial code execution" for a public jailbreak. Pod2g is working with David Wang, known as "@planetbeing" on Twitter, to develop a way to remotely exploit iOS 6,
---------------------------------------------
http://news.techworld.com/security/3421528/ios-6-jailbreak-nearly-there-say-iphone-hackers/?olo=rss
*** Security researchers cripple Virut botnet ***
---------------------------------------------
"Many of the domain names used by a cybercriminal gang to control computers infected with the Virut malware were disabled last week in a coordinated takedown effort, Spamhaus, an organization dedicated to fighting spam, announced Saturday. The Virut malware spreads by inserting malicious code into clean executable files and by copying itself to fixed, attached and shared network drives. Some variants also infects HTML, ASP and PHP files with rogue code that distributes the threat...."
---------------------------------------------
http://www.computerworld.com/s/article/9235991/Security_researchers_cripple_Virut_botnet
*** SOL14138: XML External Entity Injection (XXE) from authenticated source CVE-2012-2997 ***
---------------------------------------------
http://support.f5.com/kb/en-us/solutions/public/14000/100/sol14138.html
---------------------------------------------
*** Netzpolitik - Deutschland plant Firmen-Meldepflicht für Cyber-Angriffe ***
---------------------------------------------
Neuer Gesetzentwurf sieht Prüfung der Sicherheitsstandards vor
---------------------------------------------
http://derstandard.at/1358304341673/Deutschland-plant-Firmen-Meldepflicht-fuer-Cyber-Angriffe
*** Bugtraq: [SECURITY] [DSA 2611-1] movabletype-opensource security update ***
---------------------------------------------
[SECURITY] [DSA 2611-1] movabletype-opensource security update
---------------------------------------------
http://www.securityfocus.com/archive/1/525380
*** Red October closes as Kaspersky publishes more details ***
---------------------------------------------
"Almost as soon as Kaspersky began publishing details about the Red October cyberespionage network, the command and control systems behind the apparently five-year-old digital spying ring began closing down. According to a posting on Kasperskys threatpost, the researchers who exposed the network on Monday say that "not only [are] the registrars killing the domains and the hosting providers killing the command-and-control servers but perhaps the attackers shutting down the whole
---------------------------------------------
http://www.h-online.com/security/news/item/Red-October-closes-as-Kaspersky-publishes-more-details-1787774.html
*** Vuln: Oracle MySQL Server CVE-2013-0384 Remote Security Vulnerability ***
---------------------------------------------
Oracle MySQL Server CVE-2013-0384 Remote Security Vulnerability
---------------------------------------------
http://www.securityfocus.com/bid/57416
More information about the Daily
mailing list