[CERT-daily] Tageszusammenfassung - Montag 25-08-2014

Daily end-of-shift report team at cert.at
Mon Aug 25 18:08:20 CEST 2014


=======================
= End-of-Shift report =
=======================

Timeframe:   Freitag 22-08-2014 18:00 − Montag 25-08-2014 18:00
Handler:     Robert Waldner
Co-Handler:  Alexander Riepl



*** Stiffed by Synolocker ransomware crims? Try F-Secures python tool ***
---------------------------------------------
Unlock key doesnt always fit, says security biz Security firm F-Secure has released a tool to decrypt data scrambled by the Synolocker malware - assuming youve obtained the decryption key from the crooks.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2014/08/23/f_secure_synolocker_fix/




*** QEMU ACPI PCI code execution ***
---------------------------------------------
QEMU could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds access error in ACPI PCI hotplug interface. An attacker could exploit this vulnerability to corrupt QEMU process memory and obtain sensitive information.
---------------------------------------------
http://xforce.iss.net/xforce/xfdb/95419




*** HP Service Manager Bugs Let Remote Users Gain Elevated Privileges, Modify Data, and Deny Service and Conduct Cross-Site Scripting and Cross-Site Requset Forgery Attacks ***
---------------------------------------------
http://www.securitytracker.com/id/1030756




*** OpenOffice Targeted Data Exposure Using Crafted OLE Objects ***
---------------------------------------------
The exposure exploits the way OLE previews are generated to embed arbitrary file data into a specially crafted
document when it is opened. Data exposure is possible if the updated document is distributed to other parties.
---------------------------------------------
http://cxsecurity.com/issue/WLB-2014080102




*** OpenOffice 4.1.0 Calc Command Injection ***
---------------------------------------------
The vulnerability allows command injection when loading Calc spreadsheets. Specially crafted documents can be used for
command-injection attacks. Further exploits are possible but have not been verified.
---------------------------------------------
http://cxsecurity.com/issue/WLB-2014080101




*** Fortinet FortiGate Flaw in FortiManager Protocol Service Lets Remote Users Deny Service ***
---------------------------------------------
http://www.securitytracker.com/id/1030753




*** NIST to sysadmins: clean up your SSH mess ***
---------------------------------------------
Too many keys, too badly managed - NIST has taken a look at how companies use Secure Shell (SSH), and doesnt much like what it sees.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2014/08/25/nist_to_sysadmins_clean_up_your_ssh_mess/




*** Ransomware mit leistungsfähigen Password Stealer ***
---------------------------------------------
Ransomware auch als 'WinLocker' bekannt, sind nach wie vor in unserem digitalen Alltag gegenwärtig und wird zudem von Cyberkriminellen mit weiteren und komplexeren Funktionen ausgestattet. Um an Informationen zu Funktionen und evtl. Hintermänner dieser Ransomware zu gelangen, haben Experten von Avast bei der neusten Generation dieser Malware, Indizien zu leistungsfähigen Modulen u.a. zum Diebstahl von Passwort und Zugangsdaten gefunden.
---------------------------------------------
http://blog.botfrei.de/2014/08/ransomware-mit-leistungsfaehigen-password-stealer/






More information about the Daily mailing list