[CERT-daily] Tageszusammenfassung - Donnerstag 17-10-2013

Thu Oct 17 18:02:01 CEST 2013

=======================
= End-of-Shift report =
=======================

Timeframe:   Mittwoch 16-10-2013 18:00 − Donnerstag 17-10-2013 18:00
Handler:     Matthias Fraidl
Co-Handler:  n/a

*** Bug Hunters Find 25 ICS, SCADA Vulnerabilities ***
---------------------------------------------
A trio of researchers have uncovered 25 security vulnerabilities in various supervisory control and data acquisition (SCADA) and industrial control system (ICS) protocols.
---------------------------------------------
http://threatpost.com/bug-hunters-find-25-ics-scada-vulnerabilities/102599


*** Researchers uncover holes that open power stations to hacking ***
---------------------------------------------
Hacks could cause power outages and dont need physical access to substations.
---------------------------------------------
http://arstechnica.com/security/2013/10/researchers-uncover-holes-that-open-power-stations-to-hacking/


*** Raising awareness quickly: A look at basic password hygiene ***
---------------------------------------------
Rapid7s tips for strengthing your first line of defense
---------------------------------------------
http://www.csoonline.com/article/741540/raising-awareness-quickly-a-look-at-basic-password-hygiene?source=rss_application_security


*** Mass iFrame injection campaign leads to Adobe Flash exploits ***
---------------------------------------------
We´ve intercepted an ongoing malicious campaign, relying on injected/embedded iFrames at Web sites acting as intermediaries for a successful client-side exploits to take place. Let´s dissect the campaign, expose the malicious domains portfolio/infrastructure it relies on, as well as directly connect it with historical malicious activity, in this particular case, a social engineering campaign pushing fake browser updates.
---------------------------------------------
http://www.webroot.com/blog/2013/10/17/mass-iframe-injection-campaign-leads-adobe-flash-exploits/


*** Top 20 Free Digital Forensic Investigation Tools for SysAdmins ***
---------------------------------------------
Here are 20 of the best free tools that will help you conduct a digital forensic investigation. Whether it´s for an internal human resources case, an investigation into unauthorized access to a server, or if you just want to learn a new skill, these suites and utilities will help you conduct memory forensic analysis, hard drive forensic analysis, forensic image exploration, forensic imaging and mobile forensics.
---------------------------------------------
http://www.gfi.com/blog/top-20-free-digital-forensic-investigation-tools-for-sysadmins/


*** Hintergrund: Standardpasswörter kein Sicherheitsrisiko? ***
---------------------------------------------
Das ICS-CERT, zuständig für kritische Infrastruktur wie Staudämme und Atomkraftwerke, sagt Standardpasswörter stellen kein Sicherheitsrisiko dar solange sie gut dokumentiert und änderbar sind. Ist das wirklich so?
---------------------------------------------
http://www.heise.de/security/artikel/Standardpasswoerter-kein-Sicherheitsrisiko-1980853.html


*** Apple iMessage Open to Man in the Middle, Spoofing Attacks ***
---------------------------------------------
The Apple iMessage protocol has been shrouded in secrecy for years now, but a pair of security researchers have reverse-engineered the protocol and found that Apple controls the encryption key infrastructure for the system and therefore has the ability to read users´ text messages or decrypt them and hand them over at the order of a government agency.
---------------------------------------------
http://threatpost.com/apple-imessage-open-to-man-in-the-middle-spoofing-attacks/102610


*** IBM Storwize V7000 Unified Multiple Vulnerabilities ***
---------------------------------------------
https://secunia.com/advisories/55247


*** Bugtraq: PayPal Inc Bug Bounty #61 - Persistent Mail Encoding Vulnerability ***
---------------------------------------------
http://www.securityfocus.com/archive/1/529250


*** Puppet Enterprise Dashboard Report YAML Handling Vulnerability ***
---------------------------------------------
https://secunia.com/advisories/55362


*** Drupal Context Mulitple Vulnerabilities ***
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013100111


*** Drupal Simplenews Cross Site Scripting ***
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013100112


*** Vuln: Cisco Identity Services Engine CVE-2013-5539 Arbitrary File Upload Vulnerability ***
---------------------------------------------
http://www.securityfocus.com/bid/63031


*** Bugtraq: Security Advisory for Bugzilla 4.4.1, 4.2.7 and 4.0.11 ***
---------------------------------------------
http://www.securityfocus.com/archive/1/529262


*** Panda Security for Business Pagent.exe code execution ***
---------------------------------------------
http://xforce.iss.net/xforce/xfdb/88091