[CERT-daily] Daily summary - Thursday 23-05-2013

Daily end-of-shift report team at cert.at
Thu May 23 18:05:56 CEST 2013


=======================
= End-of-Shift report =
=======================

Timeframe:   Wednesday 22-05-2013 18:00 - Thursday 23-05-2013 18:00
Handler:     Stephan Richter
Co-Handler:  n/a




*** New Trojan steals short messages ***
---------------------------------------------
May 22, 2013 Russian anti-virus company Doctor Web is warning users about a new Trojan for Android that can intercept inbound short messages and forward them to criminals. Android.Pincer.2.origin poses a serious threat because stolen messages can contain sensitive information such as mTAN codes, which are used to confirm online banking transactions. The Trojan, discovered by Doctor Web's analysts several days ago, is the second representative of the Android.Pincer malware family. Like its...
---------------------------------------------
http://news.drweb.com/show/?i=3549&lng=en&c=9




*** CODESYS–Gateway Use After Free ***
---------------------------------------------
This advisory provides mitigation details for a vulnerability that impacts the 3S CODESYS Gateway application.
---------------------------------------------
http://ics-cert.us-cert.gov/advisories/ICSA-13-142-01




*** IBM Tivoli Monitoring cross-site scripting ***
---------------------------------------------
IBM Tivoli Monitoring is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using Tivoli Enterprise Portal browser client to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
---------------------------------------------
http://xforce.iss.net/xforce/xfdb/83328




*** Response limiting ***
---------------------------------------------
In light of increasing DNS attacks, Denic is considering limiting the rate of responses to domain queries.
---------------------------------------------
http://www.heise.de/newsticker/meldung/DNS-Attacken-Denic-schliesst-das-Kappen-von-DNS-Antwortraten-nicht-aus-1867772.html




*** Apple QuickTime Multiple Vulnerabilities ***
---------------------------------------------
Multiple vulnerabilities have been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system.
---------------------------------------------
https://secunia.com/advisories/53520




*** Flagallery-Skins plugin for WordPress gallery.php SQL injection ***
---------------------------------------------
Flagallery-Skins plugin for WordPress is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the gallery.php script using the playlist parameter, which could allow the attacker to view, add, modify or delete information in the back-end database.
---------------------------------------------
http://xforce.iss.net/xforce/xfdb/84445




*** Oracle Java is the most widespread security vulnerability ***
---------------------------------------------
According to a recent quarterly analysis by anti-virus vendor Kaspersky, the number of web-borne threats rose by 1.5 percentage points compared with the previous quarter. Russia handed the top spot among countries from which malware originates back to the USA. Among security vulnerabilities, Oracle Java continues to lead.
---------------------------------------------
http://futurezone.at/digitallife/16038-oracle-java-ist-verbreitetste-sicherheitsluecke.php?rss=fuzo




*** IT security vendors seen as clueless on industrial control systems ***
---------------------------------------------
Even the most innocuous security processes used for traditional IT systems could spell disaster in an ICS.
---------------------------------------------
http://www.csoonline.com/article/733873/it-security-vendors-seen-as-clueless-on-industrial-control-systems?source=rss_application_security




*** Mac Spyware Bait: Lebenslauf für Praktitkum ***
---------------------------------------------
As a follow-up to yesterday's Kumar in the Mac post… have you received e-mail attachments such as this?

Attachments:
• Christmas_Card.app.zip
• Content_for_Article.app.zip
• Content_of_article_for_[NAME REMOVED].app.zip
• Interview_Venue_and_Questions.zip
• Lebenslauf_für_Praktitkum.zip

If so, you may be the target of a spear phishing campaign designed to install spyware on your Mac. Here's a list of binaries signed by Apple Developer "Rajinder...
---------------------------------------------
http://www.f-secure.com/weblog/archives/00002559.html

