[CERT-daily] Tageszusammenfassung - Montag 3-02-2014

Mon Feb 3 18:08:33 CET 2014

=======================
= End-of-Shift report =
=======================

Timeframe:   Freitag 31-01-2014 18:00 − Montag 03-02-2014 18:00
Handler:     Stephan Richter
Co-Handler:  n/a


*** Telefonie-Missbrauch anscheinend kein Massenhack von AVMs Fritzboxen ***
---------------------------------------------
In den letzten Tagen wunderten sich einige Fritzbox-Nutzer über hohe, teils exorbitante Telefongebühren. Dahinter stecken anscheinend Angriffe mit bekannten Zugangsdaten auf die Fernkonfiguration der verwendeten Fritzboxen.
---------------------------------------------
http://www.heise.de/security/meldung/Telefonie-Missbrauch-anscheinend-kein-Massenhack-von-AVMs-Fritzboxen-2104609.html


*** Hackers Use a Trick to Deliver Zeus Banking Malware ***
---------------------------------------------
IDG News Service - Hackers found a new way to slip past security software and deliver Zeus, a long-known malicious software program that steals online banking details. Security company Malcovery Security, based in Georgia, alerted security analysts after finding that none of 50 security programs on Googles online virus scanning service VirusTotal were catching it as of early Sunday.
---------------------------------------------
http://www.cio.com/article/747601/Hackers_Use_a_Trick_to_Deliver_Zeus_Banking_Malware


*** More than a million Android devices infected with bootkit trojan ***
---------------------------------------------
More than a million Android mobile devices worldwide are now infected with a crafty bootkit trojan known as Android.Oldboot.1.origin - a number that has more than tripled in a week.
---------------------------------------------
http://www.scmagazine.com//more-than-a-million-android-devices-infected-with-bootkit-trojan/article/331982/


*** DailyMotion Still Infected, Serving Fake AV Malware ***
---------------------------------------------
DailyMotion, one of the most popular websites on the Web, is still serving fake AV malware three weeks after it was notified of a compromise.
---------------------------------------------
http://threatpost.com/dailymotion-still-infected-serving-fake-av-malware/104003


*** SSA-342587 (Last Update 2014-02-03): Vulnerabilities in SIMATIC WinCC Open Architecture ***
---------------------------------------------
https://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-342587.pdf


*** VU#250358: Various Inmarsat broadband satellite terminals contain multiple vulnerabilities ***
---------------------------------------------
A number of broadband satellite terminals which utilize the Inmarsat satellite telecommunications network have been found to contain undocumented hardcoded login credentials (CWE-798). Additionally, these broadband satellite terminals utilize an insecure proprietary communications protocol that allows...
---------------------------------------------
http://www.kb.cert.org/vuls/id/250358


*** DSA-2851 drupal6 ***
---------------------------------------------
impersonation
---------------------------------------------
http://www.debian.org/security/2014/dsa-2851


*** IBM Financial Transaction Manager multiple vulnerabilities ***
---------------------------------------------
http://xforce.iss.net/xforce/xfdb/90584
http://xforce.iss.net/xforce/xfdb/90585
http://xforce.iss.net/xforce/xfdb/90586
http://xforce.iss.net/xforce/xfdb/90612


*** Security Bulletin: Cross-Site Request Forgery in IBM InfoSphere Master Data Management - Collaborative Edition (CVE-2013-5427) ***
---------------------------------------------
Due to insufficient safeguards against cross-site request forgery, an attacker can trick a legitimate user into opening a URL that results in an action being taken as that user, potentially without the knowledge of that user. Any actions taken require that the legitimate user be already authenticated or to authenticate separately as part of the attack.
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg21663181