[CERT-daily] Tageszusammenfassung - Donnerstag 5-09-2013

Daily end-of-shift report team at cert.at
Thu Sep 5 18:16:34 CEST 2013


=======================
= End-of-Shift report =
=======================

Timeframe:   Mittwoch 04-09-2013 18:00 − Donnerstag 05-09-2013 18:00
Handler:     Robert Waldner
Co-Handler:  Stephan Richter




*** Mit Typo 3 zum Server-Admin ***
---------------------------------------------
Angemeldete Benutzer konnten unter Typo 3 Konfigurationsdateien auslesen und Dateien kopieren, löschen und ausführen. Nachdem die Experten der SySS GmbH diese Fehler schon vor Monaten an die Entwickler gemeldet hatten, wurden die Probleme nun behoben.
---------------------------------------------
http://www.heise.de/newsticker/meldung/Mit-Typo-3-zum-Server-Admin-1949243.html




*** AVG 2014: Das Interessanteste gibts umsonst ***
---------------------------------------------
AVG stellt die Version 2014 seiner Virenschutzprodukte vor. Das darin enthaltene Modul PrivacyFix überprüft, welche Daten man auf sozialen Netzwerken über sich preisgibt.
---------------------------------------------
http://www.heise.de/security/meldung/AVG-2014-Das-Interessanteste-gibts-umsonst-1949173.html




*** Whatever Happened to Facebook Likejacking? ***
---------------------------------------------
Back in 2010, Facebook likejacking (a social engineering technique of tricking people into posting a Facebook status update) was a trending problem. So, whatever happened to likejacking scams and spam? Well, Facebook beefed-up its security - and the trend significantly declined, at least when compared to peak 2010 numbers.But you cant keep a good spammer down. Cant beat them? Join them.Today, some of the same junk which was spread via likejacking... is now spread via Facebook...
---------------------------------------------
http://www.f-secure.com/weblog/archives/00002602.html




*** Java's Losing Security Legacy ***
---------------------------------------------
Javas code-signing requirements have proven to be a bust, security researchers say, and now even longtime developers are losing faith in the programming language.
---------------------------------------------
http://threatpost.com/javas-losing-security-legacy/102176




*** Sham G20 Summit Email Carries "Split" Backdoor ***
---------------------------------------------
The upcoming G20 Summit in St. Petersburg, Russia might have already spewed several messages aimed at both common users and specific groups. A recent email we saw is only the latest in these threats. The said message is purportedly from the event's planning team and refers to a "pre-summit meeting":...
---------------------------------------------
http://blog.trendmicro.com/trendlabs-security-intelligence/sham-g20-summit-email-carries-split-backdoor/




*** Leicht zu enttarnen ***
---------------------------------------------
Wissenschaftler haben die Möglichkeiten untersucht, die Anonymität von Tor-Nutzern aufzuheben - mit ziemlich erschreckenden Resultaten.
---------------------------------------------
http://www.heise.de/newsticker/meldung/Tor-Benutzer-leicht-zu-enttarnen-1949449.html




*** Blog: Obad.a Trojan now being distributed via mobile botnets ***
---------------------------------------------
In late May we reported on the details of Backdoor.AndroidOS.Obad.a, the most sophisticated mobile Trojan to date. At the time we had almost no information about how this piece of malware gets onto mobile devices. We have since been examining how the Trojan is distributed and discovered that the malware owners have...
---------------------------------------------
http://www.securelist.com/en/blog/8131/Obad_a_Trojan_now_being_distributed_via_mobile_botnets




*** Bugcrowd organisiert Schwachstellensuche für Unternehmen ***
---------------------------------------------
Das australisch-amerikanische Startup will es Firmen ermöglichen, ihre eigenen Bug-Bounty-Programme einfach auf die Beine zu stellen. Firmen wie Google und Mozilla profitieren schon seit längerem von eigenen Programmen dieser Art.
---------------------------------------------
http://www.heise.de/security/meldung/Bugcrowd-organisiert-Schwachstellensuche-fuer-Unternehmen-1949833.html




*** Don't Install The Google Authenticator For iOS Update ***
---------------------------------------------
Google today pushed an update out for Google Authenticator for iOS, the two-factor authentication companion app that makes your Google account and services where you use it to login more secure. But it's an update users will want to avoid for now, as it erases all your existing stored data and connected accounts,...
---------------------------------------------
http://techcrunch.com/2013/09/04/dont-install-the-google-authenticator-for-ios-update-unless-you-want-your-stored-user-accounts-wiped/




*** Samsungs Android-Geräte bekommen Verschlüsselungstechnik Knox ***
---------------------------------------------
Samsung hat die ersten Android-Geräte mit der Sicherheitstechnik ausgerüstet und erste Hinweise geliefert, welche älteren Modelle ein Update bekommen.
---------------------------------------------
http://www.heise.de/newsticker/meldung/Samsungs-Android-Geraete-bekommen-Verschluesselungstechnik-Knox-1950029.html




*** Large botnet cause of recent Tor network overload ***
---------------------------------------------
Recently, Roger Dingledine described a sudden increase in Tor users on the Tor Talk mailinglist. To date there has been a large amount of speculation as to why this may have happened. A large number of articles seem to suggest this to be the result of the recent global espionage events, the evasion of the Pirate Bay blockades using the PirateBrowser or the Syrian civil war.
---------------------------------------------
http://blog.fox-it.com/2013/09/05/large-botnet-cause-of-recent-tor-network-overload/




*** Linux Kernel 3.10.10 scm_check_creds() PID spoofing Privileges Escalation ***
---------------------------------------------
Topic: Linux Kernel 3.10.10 scm_check_creds() PID spoofing Privileges Escalation Risk: High Text:A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to gain escalated pri...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013090044




*** Drupal Core CSS Selectors Allow Remote Users to Insert Hidden Text and Links to Obtain Potentially Sensitive Information ***
---------------------------------------------
http://www.securitytracker.com/id/1028978




*** Bugtraq: Cisco Security Advisory: Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players ***
---------------------------------------------
Cisco Security Advisory: Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players
---------------------------------------------
http://www.securityfocus.com/archive/1/528432




*** Symantec Endpoint Protection un-installation password bypass ***
---------------------------------------------
Topic: Symantec Endpoint Protection un-installation password bypass Risk: High Text: Description: A weakness has been revealed on SEP installation that allows user to uninstall this product w...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013090045




*** IBM WebSphere MQ Multiple Java Vulnerabilities ***
---------------------------------------------
https://secunia.com/advisories/54721




*** Cisco GSS Global Site Selector Cross-Site Request Forgery Vulnerability ***
---------------------------------------------
https://secunia.com/advisories/54727


More information about the Daily mailing list