[CERT-daily] Daily Summary - Tuesday 15-04-2014
Daily end-of-shift report
team at cert.at
Tue Apr 15 18:20:01 CEST 2014
=======================
= End-of-Shift report =
=======================
Timeframe: Monday 14-04-2014 18:00 − Tuesday 15-04-2014 18:00
Handler: Robert Waldner
Co-Handler: Alexander Riepl
*** Barracuda Multiple Products OpenSSL TLS/DTLS Heartbeat Two Information Disclosure Vulnerabilities ***
---------------------------------------------
https://secunia.com/advisories/57869
*** DSA-2903 strongswan ***
---------------------------------------------
http://www.debian.org/security/2014/dsa-2903
*** Occupy Your Icons Silently on Android ***
---------------------------------------------
FireEye mobile security researchers have discovered a new Android security issue: a malicious app with normal protection level permissions can probe icons on Android home screen and modify them to point to phishing ..
---------------------------------------------
http://www.fireeye.com/blog/uncategorized/2014/04/occupy_your_icons_silently_on_android.html
*** From the Trenches: AV Evasion With Dynamic Payload Generation ***
---------------------------------------------
https://community.rapid7.com/community/metasploit/blog/2014/04/14/from-the-trenches-av-evasion-with-dynamic-payload-generation
*** Critical Patch Update - April 2014 - Pre-Release Announcement ***
---------------------------------------------
http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
*** First Phase of TrueCrypt Audit Turns Up No Backdoors ***
---------------------------------------------
An initial audit of the popular open source encryption software TrueCrypt turned up fewer than a dozen vulnerabilities, none of which so far point toward a backdoor surreptitiously inserted into the codebase. A report on the first phase of the audit was released ..
---------------------------------------------
http://beta.slashdot.org/story/200749
*** Microsoft Confirms It Is Dropping Windows 8.1 Support ***
---------------------------------------------
Microsoft TechNet blog makes clear that Windows 8.1 will not be patched, and that users must get Windows 8.1 Update if they want security patches, InfoWorld's Woody Leonhard reports. In what is surely the most customer-antagonistic move of the new Windows regime, Steve Thomas at Microsoft posted a TechNet article on Saturday stating categorically that Microsoft will ..
---------------------------------------------
http://tech.slashdot.org/story/14/04/15/0053213/microsoft-confirms-it-is-dropping-windows-81-support
*** VMware reveals 27-patch Heartbleed fix plan ***
---------------------------------------------
Go buy your vSysadmins a big choccy egg: their Easter in peril. VMware has confirmed that 27 of its products need patches for the Heartbleed bug.
---------------------------------------------
http://www.theregister.co.uk/2014/04/15/vmware_reveals_27patch_heartbleed_fix_plan/
*** Cyberwar documentary "netwars / out of CTRL": web doc at heise ***
---------------------------------------------
In parallel with the Arte documentary, heise online presents the first part of the innovative multimedia documentary on the topic of cyberwar. You decide for yourself whether you would rather see, for example, details on Stuxnet or a commentary by star hacker FX.
---------------------------------------------
http://www.heise.de/newsticker/meldung/Cyberwar-Doku-netwars-out-of-CTRL-Webdoc-bei-heise-2170122.html
*** Samsung Galaxy S5: Fingerprint sensor already hacked too ***
---------------------------------------------
Using a fake fingertip developed for the iPhone 5S, Ben Schlabs tricked the lock of the new Samsung flagship. He was then even able to transfer money with it.
---------------------------------------------
http://www.heise.de/security/meldung/Samsung-Galaxy-S5-Fingerabdrucksensor-auch-schon-gehackt-2170192.html
*** SSA-364879 (Last Update 2014-04-15): Vulnerabilities in SINEMA Server ***
---------------------------------------------
https://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-364879.pdf
*** SSA-654382 (Last Update 2014-04-15): Vulnerabilities in SIMATIC S7-1200 CPU ***
---------------------------------------------
https://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-654382.pdf
*** Akamai Withdraws Proposed Heartbleed Patch ***
---------------------------------------------
As researchers demonstrate OpenSSL bug exploits that retrieve private keys, Akamai rescinds a patch suggestion for the SSL/TLS library after a security researcher punches holes in it.
---------------------------------------------
http://www.darkreading.com/application-security/akamai-withdraws-proposed-heartbleed-patch/d/d-id/1204443
*** (ISC)2 launches cyber forensics credential in Europe ***
---------------------------------------------
Information and software security professional body (ISC)2 has announced the availability of its Certified Cyber Forensics Professional certification in Europe. Registration for CCFP-EU is now open, with the first exam available on 30 April 2014 at Pearson VUE test centres across the region. The German translation of the exam is to be available from 15 June 2014.
---------------------------------------------
http://www.computerweekly.com/news/2240218864/ISC2-launches-cyber-forensics-credential-in-Europe
*** BSI warns of BSI e-mails ***
---------------------------------------------
Fraudsters are abusing the BSI's name for a phishing campaign that claims the recipient was caught engaging in "illegal activities". The BSI advises against opening the attachment under any circumstances.
---------------------------------------------
http://www.heise.de/security/meldung/BSI-warnt-vor-BSI-Mails-2170549.html
*** Hardware Giant LaCie Acknowledges Year-Long Credit Card Breach ***
---------------------------------------------
Computer hard drive maker LaCie has acknowledged that a hacker break-in at its online store exposed credit card numbers and contact information on customers for the better part of the past ..
---------------------------------------------
http://krebsonsecurity.com/2014/04/hardware-giant-lacie-acknowledges-year-long-credit-card-breach/
*** Synology cleans up after Heartbleed: password change and updates ***
---------------------------------------------
After the Heartbleed vulnerability made it possible to access e-mail addresses and passwords of Synology users, the vendor is now emphatically urging its customers to change their passwords. In addition, there are security updates for the Synology NAS.
---------------------------------------------
http://www.heise.de/security/meldung/Synology-raeumt-nach-Heartbleed-auf-Passwort-Wechsel-und-Updates-2170759.html
*** Exploiting CSRF under NoScript Conditions ***
---------------------------------------------
https://community.rapid7.com/community/metasploit/blog/2014/04/15/exploiting-csrf-without-javascript