[CERT-daily] Tageszusammenfassung - Montag 11-08-2014

Mon Aug 11 18:06:01 CEST 2014

=======================
= End-of-Shift report =
=======================

Timeframe:   Freitag 08-08-2014 18:00 − Montag 11-08-2014 18:00
Handler:     Robert Waldner
Co-Handler:  Stephan Richter


*** Cisco Unity Connection SQL Injection Vulnerability ***
---------------------------------------------
CVE-2014-3336
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3336


*** Splunk Bugs Permit Remote Cross-Site Scripting and Remote Authenticated Directory Traversal Attacks ***
---------------------------------------------
http://www.securitytracker.com/id/1030690


*** Incident Response with Triage-ir, (Sun, Aug 10th) ***
---------------------------------------------
In many cases having a full disk image is not an option during an incident. Imagine that you are suspecting that you have dozen of infected or compromised system. Can you spend 2-3 hours to make a forensic copy of hard disks hundred computers? In such situation fast forensics is the solution for such situation. Instead of copying everything collecting some files that may contain an evidence can solve this issue. In this diary I am going to talk about an application that will collect most of...
---------------------------------------------
https://isc.sans.edu/diary.html?storyid=18509&rss


*** Verifying preferred SSL/TLS ciphers with Nmap, (Mon, Aug 11th) ***
---------------------------------------------
In last year or two, there has been a lot of talk regarding correct usage of SSL/TLS ciphers on web servers. Due to various incidents more or less known incidents, web sites today should use PFS (Perfect Forward Secrecy), a mechanism that is used when an SSL/TLS connection is established and symmetric keys exchanged. PFS ensures that, in case an attacker obtains the server's private key, he cannot decrypt previous SSL/TLS connections to that server. If PFS is not used (if RSA is used to
---------------------------------------------
https://isc.sans.edu/diary.html?storyid=18513&rss


*** WordHound erzeugt maßgeschneiderte Wörterbücher für Passwort-Knacker ***
---------------------------------------------
Wörterbuch-Attacken auf Passwort-Hashes dauern lange und sind nicht immer erfolgreich. Schneidet man die durchzuprobierenden Passwörter aber auf das Ziel zurecht, sind selbst vergleichbar komplizierte Kennwörter unter Umständen nicht mehr sicher.
---------------------------------------------
http://www.heise.de/newsticker/meldung/WordHound-erzeugt-massgeschneiderte-Woerterbuecher-fuer-Passwort-Knacker-2290121.html/from/rss09?wt_mc=rss.ho.beitrag.rdf


*** You cannot cyberhijack an airplane, but you can create mischief ***
---------------------------------------------
Hacking a plane and taking control of the aircraft is a considerably scary prospect, but two speakers at DefCon 22 in Las Vegas quashed the notion and put worries to rest.
---------------------------------------------
http://www.scmagazine.com/defcon-you-cannot-cyberhijack-an-airplane-but-you-can-create-mischief/article/365465/


*** Cybercrime Report: Soziale Netzwerke zunehmend betroffen ***
---------------------------------------------
2013 wurden in Österreich 11.199 Fälle von Cybercrime angezeigt. Als Motive sieht das Bundeskriminalamt finanzielle Interessen, Langeweile und Hacktivism. [...] Neue Technologien werden in Zukunft weiterhin neue Erscheinungsformen von Cyberkriminalität begünstigen, heißt es im Report. Genannt wurde der Einsatz von "NFC" (Near Field Communication) zur Durchführung kontaktloser Zahlungsvorgänge, aber auch Verkehrsmittel, die mit der Möglichkeit zur Netzwerk-Kommunikation ausgestattet werden, wie zum Beispiel Smart-Vehicles und Drohnen, warnt der Bericht abschließend.
---------------------------------------------
http://futurezone.at/netzpolitik/cybercrime-report-soziale-netzwerke-zunehmend-betroffen/79.721.933