[CERT-daily] Tageszusammenfassung - Freitag 8-03-2013
Daily end-of-shift report
team at cert.at
Fri Mar 8 18:11:56 CET 2013
=======================
= End-of-Shift report =
=======================
Timeframe: Donnerstag 07-03-2013 18:00 − Freitag 08-03-2013 18:00
Handler: Stephan Richter
Co-Handler: Otmar Lendl
*** Advance Notification for March 2013 - Version: 1.0 ***
---------------------------------------------
http://technet.microsoft.com/en-us/security/bulletin/ms13-mar
*** IPv6 Focus Month: Barriers to Implementing IPv6, (Thu, Mar 7th) ***
---------------------------------------------
Ive been trying for a few months now to get my lab running IPv6 natively, with mixed success. Whats standing in my way you ask? A couple of things, which in turn have further implications:...
---------------------------------------------
http://isc.sans.edu/diary.html?storyid=15361&rss
*** IPv6 Focus Month: Filtering ICMPv6 at the Border, (Fri, Mar 8th) ***
---------------------------------------------
Paulgear1 asked on twitter: help on interpreting RFC4890. I still havent turned on IPv6 because Im not confident in my firewall. First of all, what is RFC4890 all about [1]? The RFC is considered informational, not a standard. Usual guidance for IPv4 is to not block ICMP error messages, but one can get away with blocking all ICMP messages. The situation is a bit different when it comes to ICMPv6...
---------------------------------------------
http://isc.sans.edu/diary.html?storyid=15367&rss
*** Bugtraq: [security bulletin] HPSBGN02854 SSRT100881 rev.1 - HP Intelligent Management Center (iMC), iMC TACACS+ Authentication Manager (TAM), and iMC User Access Manager (UAM), Cross Site Scripting (XSS), Remote Code Execution, Remote Disclosure of ***
---------------------------------------------
http://www.securityfocus.com/archive/1/525928
*** More Info on Recent ICS-CERT Advisories ***
---------------------------------------------
"ICS-CERT has been busy this week. They updated an alert on Tuesday and issued two advisories yesterday. In two of those three actions there were some interesting questions raised about some of the information provided, or not provided in their documents...."
---------------------------------------------
http://chemical-facility-security-news.blogspot.in/2013/03/more-info-on-recent-ics-cert-advisories_1595.html
*** What ICS-CERT Is and Isnt ***
---------------------------------------------
"When ICS-CERT was created I expected a lot more. I expected analysis and insight from skilled ICS security experts. The reality is ICS-CERT is merely a coordinator of communication between vulnerability finders and the vendor...."
---------------------------------------------
http://www.digitalbond.com/blog/2013/03/07/what-ics-cert-is-and-isnt/
*** Android accounted for 79% of all mobile malware in 2012 ***
---------------------------------------------
"A new study has found that Googles (GOOG) mobile operating system is targeted by hackers far more than any other mobile platform. Security firm F-Secure found that Android accounted for 79% of all mobile malware in 2012, an increase from 66. 7% in 2011 and 11...."
---------------------------------------------
http://bgr.com/2013/03/07/android-malware-2012-362787/
*** Vuln: CoDeSys Gateway Server Multiple Security Vulnerabilities ***
---------------------------------------------
CoDeSys Gateway Server Multiple Security Vulnerabilities
---------------------------------------------
http://www.securityfocus.com/bid/58032
*** Pwn2Own: IE10, Firefox, Chrome, Reader, Java hacks land $500k ***
---------------------------------------------
Googles Chrome OS withstands attack in security contest Its back to the drawing board for coders at Microsoft, Google, Adobe, Mozilla, and Oracle after entrants in the annual Pwn2Own contest waltzed off with over half a million dollars in prizes for exploiting security holes in popular software...
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2013/03/08/pwn2own_contest_cansecwest/
*** Bugtraq: SEC Consult SA-20130308-0 :: Multiple critical vulnerabilities in GroundWork Monitor Enterprise (part 1) ***
---------------------------------------------
http://www.securityfocus.com/archive/1/525938
*** Bugtraq: SEC Consult SA-20130308-1 :: Multiple vulnerabilities in GroundWork Monitor Enterprise (part 2) ***
---------------------------------------------
http://www.securityfocus.com/archive/1/525941
*** Leaked: The secret OAuth app keys to Twitters VIP lounge ***
---------------------------------------------
Rogue apps could pose as micro-blogging sites Very Important Programs Twitters private OAuth login keys, used by the websites official applications to get preferential treatment from the micro-blogging site, have apparently been leaked. The secret credentials could now allow any software to masquerade as an approved Twitter client...
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2013/03/08/twitter_oauth_leaked_keys/
*** Heads-Up - Citadel Command and Control Domains ***
---------------------------------------------
"We have detected new Citadel malware activity, again coming from within large, some Dutch, organizations. These Citadel Trojans are not part of the Pobelka botnet (Dutch) that we discovered last year on September 7, 2012. From the data we have gathered so far, we believe this new campaign is running since late November 2012...."
---------------------------------------------
http://www.surfright.nl/en/citadel
More information about the Daily
mailing list