[CERT-daily] Tageszusammenfassung - Freitag 18-10-2013
Daily end-of-shift report
team at cert.at
Fri Oct 18 18:00:34 CEST 2013
=======================
= End-of-Shift report =
=======================
Timeframe: Donnerstag 17-10-2013 18:00 − Freitag 18-10-2013 18:00
Handler: Matthias Fraidl
Co-Handler: n/a
*** You´re infected - if you want to see your data again, pay us $300 in Bitcoins ***
---------------------------------------------
Ransomware comes of age with unbreakable crypto, anonymous payments.
---------------------------------------------
http://feeds.arstechnica.com/~r/arstechnica/security/~3/VLDxuwIP36Q/story01.htm
*** DNS-Experten diskutieren Risiken neuer Angriffsszenarien ***
---------------------------------------------
Forscher beschreiben Angriffsszenarien auf das Domain Name System, bei dem die Fragmentierung von IP-Paketen ausgenutzt wird.
---------------------------------------------
http://www.heise.de/security/meldung/DNS-Experten-diskutieren-Risiken-neuer-Angriffsszenarien-1981443.html
*** Kankan - eine chinesische Trojaner-Geschichte ***
---------------------------------------------
Die Analysten von Eset haben eine mysteriöse Geschichte über einen Trojaner zusammengetragen, der vor allem in China Verbreitung fand. Die Bestandteile: infizierte PCs und Smartphones, ein reumütiger Software-Hersteller und mehrere offene Rätsel.
---------------------------------------------
http://www.heise.de/security/meldung/Kankan-eine-chinesische-Trojaner-Geschichte-1981463.html
*** Got a mobile phone? Then youve got a Trojan problem too ***
---------------------------------------------
This time it´s personal Something wonderful has happened: phones have got smart, but the bad news is they may open the door to those you don´t want to let in.
---------------------------------------------
http://www.theregister.co.uk/2013/10/18/feature_mobile_security_malware/
*** VMware Release Multiple Security Updates ***
---------------------------------------------
VMware released the following security updates. The first one is VMSA-2013-0012 which address multiple vulnerabilities in vCenter Server, vSphere Update Manager, ESXi and ESX. The second is VMSA-2013-0006.1 which address multiple vulnerabilities in vCenter Server Appliances and vCenter Server running on Windows. The last is VMSA-2013-0009.1 which address multiple vulnerabilities in vCenter Server, ESX and ESXi that updates third party libraries.
---------------------------------------------
http://isc.sans.edu/diary.html?storyid=16847&rss
*** Fiendish CryptoLocker ransomware: Whatever you do, dont PAY ***
---------------------------------------------
Create remote backups before infection, advise infosec bods Vid A fiendishly nasty strain of Windows malware that uses advanced encryption to lock up user files before demanding a ransom is doing the rounds.
---------------------------------------------
http://www.theregister.co.uk/2013/10/18/cryptolocker_ransmware/
*** Sybase Adaptive Server Enterprise XML injection ***
---------------------------------------------
http://xforce.iss.net/xforce/xfdb/88105
*** cPanel CloudFlare Plugin Unspecified Privilege Escalation Vulnerability ***
---------------------------------------------
https://secunia.com/advisories/55273
*** osCommerce Flaws Permit Cross-Site Scripting and Cross-Site Request Forgery Attacks to Create New Admin Accounts ***
---------------------------------------------
http://www.securitytracker.com/id/1029189
*** Level One Enterprise Access Points Password Disclosure ***
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013100123
*** Bugtraq: CSRF vulnerability in LinkedIn ***
---------------------------------------------
http://www.securityfocus.com/archive/1/529270
*** Summary for October 2013 - Version: 1.1 ***
---------------------------------------------
http://technet.microsoft.com/en-za/security/bulletin/ms13-oct
More information about the Daily
mailing list