[CERT-daily] Tageszusammenfassung - Mittwoch 2-04-2014

Daily end-of-shift report team at cert.at
Wed Apr 2 18:11:52 CEST 2014


=======================
= End-of-Shift report =
=======================

Timeframe:   Dienstag 01-04-2014 18:00 − Mittwoch 02-04-2014 18:00
Handler:     Robert Waldner
Co-Handler:  n/a

*** Whitehat Securitys Aviator browser is coming to Windows ***
---------------------------------------------
I have had the privilege of knowing Jeremiah Grossman, the iCEO of Whitehat Security, for many years now. He has spoken on many occasions about web security and specifically web browser security or rather, the lack thereof. I recall at one point asking him, "OK, what do you use as a web browser?" He paused, smiled and said, "My own".  That Cheshire cat response played over again in my head when Whitehat Security released their browser offering called Aviator. This is a
---------------------------------------------
http://www.csoonline.com/article/2136258/application-security/whitehat-security-s-aviator-browser-is-coming-to-windows.html#tk.rss_applicationsecurity




*** 110,000 Wordpress Databases Exposed ***
---------------------------------------------
For years now Ive been writing my various blog posts and I have used many different kinds of CMS platforms right back to posting using VI back in the 90s. My favourite platform that Ive used to create content has been Wordpress by far. I can almost here the security folks cringe. Yes, it is a massive headache to lockdown. But, I fight on as the user experience makes the pain worthwhile. OK, maybe worthwhile isnt the correct word. This is a platform that has had a long history of security
---------------------------------------------
http://www.csoonline.com/article/2136246/application-security/110-000-wordpress-databases-exposed.html#tk.rss_applicationsecurity




*** "ct wissen Windows": So meistern Sie das Support-Ende von Windows XP ***
---------------------------------------------
Pünktlich zum Support-Ende von Windows XP veröffentlichen wir mit dem "ct wissen Windows" ein Handbuch für alle Betroffenen. Es erläutert nicht nur, was das Support-Ende genau bedeutet, sondern liefert vor allem Praxis-Anleitungen.
---------------------------------------------
http://www.heise.de/newsticker/meldung/c-t-wissen-Windows-So-meistern-Sie-das-Support-Ende-von-Windows-XP-2156949.html/from/rss09?wt_mc=rss.ho.beitrag.rdf




*** Call for packets udp/137 broadcast, (Tue, Apr 1st) ***
---------------------------------------------
One of our readers have reported that he has seen a broadcast traffic to udp/137 . He suspected that the traffic cause a denial of service to some of his systems.  If you have seen such traffic and you would like to share some packets we would appreciate that.   (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
---------------------------------------------
http://isc.sans.edu/diary.html?storyid=17887&rss




*** AlienVault Open Source SIM date_from SQL injection ***
---------------------------------------------
AlienVault Open Source SIM (OSSIM) is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL statements to the ISO27001Bar1.php script using the date_from parameter, which could allow the attacker to view, add, modify or delete information in the back-end database.
---------------------------------------------
http://xforce.iss.net/xforce/xfdb/92172




*** Password bug let me see shoppers credit cards in eBay ProStores, claims infosec bod ***
---------------------------------------------
Online bazaar fixes store account hijack flaw, were told A serious vulnerability that potentially allowed shoplifters to empty eBay ProStores shops and swipe customer credit cards has been fixed  according to the security researcher who says he found the hole.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2014/04/01/ebay_stores_vuln/




*** Fake Google apps removed from Window Phone Store by Microsoft ***
---------------------------------------------
Five phony Google apps appeared in the app store, each with a $1.99 price tag, before being removed by the company.
---------------------------------------------
http://feedproxy.google.com/~r/SCMagazineHome/~3/fXb73Il-oZg/




*** Hack of Boxee.tv exposes password data, messages for 158,000 users ***
---------------------------------------------
Huge file circulating online contains e-mail addresses, full message histories.
---------------------------------------------
http://feeds.arstechnica.com/~r/arstechnica/security/~3/B676MRE54C8/




*** IT Analyst Highlights 6 IT Security 'Worst Practices' ***
---------------------------------------------
In a new Network World article, prominent IT analyst and researcher Linda Musthaler is highlighting 6 'worst practices' that companies commit on their way to undermining, destabilizing, or just plain wrecking their IT security efforts: Failing to stay up-to-date with the latest technologies and techniques. Neglecting to take a comprehensive network security approach that also [...]The post IT Analyst Highlights 6 IT Security 'Worst Practices' appeared first on Seculert
---------------------------------------------
http://www.seculert.com/blog/2014/04/it-analyst-highlights-6-it-security-worst-practices.html




*** HP integrated Lights Out (iLO) IPMI Protocol Flaw Lets Remote Users Obtain Hashed Passwords ***
---------------------------------------------
A vulnerability was reported in HP integrated Lights Out (iLO). A remote user can gain obtain hashed passwords.
A remote user can invoke the IPMI 2.0 protocol to obtain the target user's salted SHA1 or MD5 hash.
The vulnerability resides in the protocol design and is mandated by the IPMI 2.0 specification.
---------------------------------------------
http://www.securitytracker.com/id/1029981




*** Extended Random: The PHANTOM NSA-RSA backdoor that never was ***
---------------------------------------------
Profs paper was all about attacking Dual EC DRBG, not a Snowden-esque spy bombshell Over the last day or so the security press has been touting stories of a second NSA-induced backdoor in RSAs encryption software BSafe. But it appears to be more sound and fury than substance.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2014/04/02/extended_random_nsa_rsa_bsafe/




*** Safari für Mac OS X: Update schließt Sicherheitslücken und bringt einige Neuerungen ***
---------------------------------------------
Der Apple-Webbrowser ist für OS X Mavericks und OS X Mountain Lion in neuen Versionen verfügbar. Neben Patches gegen Sicherheitslücken gibt es Bugfixes und Änderungen an der Benachrichtigungsfunktion.
---------------------------------------------
http://www.heise.de/security/meldung/Safari-fuer-Mac-OS-X-Update-schliesst-Sicherheitsluecken-und-bringt-einige-Neuerungen-2159991.html




*** [2014-04-02] Multiple vulnerabilities in Rhythm File Manager ***
---------------------------------------------
An attacker being able to connect to the Android device (e.g. if he uses the same Wireless network), can access arbitrary local files from the device while the File Manager app is being used to stream media. Moreover, a malicious Android app or an attacker being able to connect to the Android device may issue system commands as the user "root" if "root browsing" is enabled.
---------------------------------------------
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140402-0_Rhythm_File_Manager_Multiple_Vulnerabilities_v10.txt




*** Analysis: Financial cyber threats in 2013. Part 1: phishing ***
---------------------------------------------
It has been quite a few years since cybercriminals started actively stealing money from user accounts at online stores, e-payment systems and online banking systems.
---------------------------------------------
http://www.securelist.com/en/analysis/204792330/Financial_cyber_threats_in_2013_Part_1_phishing




*** Bugtraq: [IMF 2014] Call for Participation ***
---------------------------------------------
See the program at:
http://www.imf-conference.org/imf2014/program.html
The conference will take place from Monday, May 12th through Wednesday,
May 14th in Münster, Germany.
Registration details:
http://www.imf-conference.org/imf2014/registration.html
---------------------------------------------
http://www.securityfocus.com/archive/1/531707




*** VU#917700: Huawei Echo Life HG8247 optical router XSS vulnerability ***
---------------------------------------------
Vulnerability Note VU#917700 Huawei Echo Life HG8247 optical router XSS vulnerability Original Release date: 02 Apr 2014 | Last revised: 02 Apr 2014   Overview Huawei Echo Life HG8247 optical router contains a stored cross-site scripting (XSS) vulnerability  Description It has been reported that Huawei Echo Life HG8247 optical routers running software version V1R006C00S120 or earlier contain a stored cross-site scripting (XSS) vulnerability. An unauthenticated attacker can perform a stored
---------------------------------------------
http://www.kb.cert.org/vuls/id/917700






More information about the Daily mailing list