[CERT-daily] Tageszusammenfassung - Mittwoch 8-01-2014

Daily end-of-shift report team at cert.at
Wed Jan 8 18:10:50 CET 2014


=======================
= End-of-Shift report =
=======================

Timeframe:   Dienstag 07-01-2014 18:00 − Mittwoch 08-01-2014 18:00
Handler:     Alexander Riepl
Co-Handler:  Stephan Richter




*** 64-bit ZBOT Leverages Tor, Improves Evasion Techniques ***
---------------------------------------------
Reports have surfaced that ZeuS/ZBOT, the notorious online banking malware, is now targeting 64-bit systems. During our own investigation, we have confirmed that several ZBOT 32-bit samples (detected as TSPY_ZBOT.AAMV) do have an embedded 64-bit version (detected as TSPY64_ZBOT.AANP). However, our investigation also lead us to confirm other noteworthy routines of the malware, including its...
---------------------------------------------
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/RjjdkzMleq4/




*** Malicious Ads on DailyMotion Redirect to Fake AV Attack ***
---------------------------------------------
Popular video-sharing site DailyMotion is serving malicious ads that redirect site visitors to domains hosting Fake AV malware, security firm Invincea reports.
---------------------------------------------
http://threatpost.com/malicious-ads-on-dailymotion-redirect-to-fake-av-attack/103494




*** Einbruch in die Opensuse-Foren ***
---------------------------------------------
Die öffentlichen Opensuse-Foren sind Opfer eines Angriffs geworden und derzeit abgeschaltet.
---------------------------------------------
http://www.heise.de/security/meldung/Einbruch-in-die-Opensuse-Foren-2078128.html




*** Yahoo Mail: Verschlüsselung wird endlich Default ***
---------------------------------------------
Alle Kommunikation mit Webmail-Service nun per HTTPS abgesichert - Aber kein Perfect Forward Secrecy
---------------------------------------------
http://derstandard.at/1388650341295




*** Satellite Links for Remote Networks May Pose Soft Target for Attackers ***
---------------------------------------------
Land-based terminals that send data to satellites may pose a soft target for hackers, an analysis from a computer security firm shows. VSATs, an abbreviation for "very small aperture terminals," supply Internet access to remote locations, enabling companies to transmit data from an isolated network to an organizations main one. The devices are used in a variety of industries, including energy, financial services and defense.
---------------------------------------------
http://www.cio.com/article/745580/Satellite_Links_for_Remote_Networks_May_Pose_Soft_Target_for_Attackers




*** Linux Kernel, Font Bugs Fixed in Ubuntu ***
---------------------------------------------
A huge number of security vulnerabilities have been fixed in Ubuntu, including a remotely exploitable font flaw that an attacker could use to run arbitrary code on vulnerable machines. A number of Linux kernel flaws also were patched in some versions of the operating system. The font vulnerability affects five different versions of Ubuntu, including...
---------------------------------------------
http://threatpost.com/linux-kernel-font-bugs-fixed-in-ubuntu/103500




*** VU#487078: QNAP QTS path traversal vulnerability ***
---------------------------------------------
Vulnerability Note VU#487078 QNAP QTS path traversal vulnerability Original Release date: 08 Jan 2014 | Last revised: 08 Jan 2014   Overview QNAP QTS 4.0.3 and possibly earlier versions contain a path traversal vulnerability.  Description CWE-22: Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) - CVE-2013-7174QNAP QTS is a Network-Attached Storage (NAS) system accessible via a web interface. QNAP QTS 4.0.3 and possibly earlier versions contain a path traversal...
---------------------------------------------
http://www.kb.cert.org/vuls/id/487078




*** Vuln: Cisco Unified Communications Manager Unauthorized Access Vulnerability ***
---------------------------------------------
http://www.securityfocus.com/bid/64690




*** HP 2620 Switch Series Cross-Site Request Forgery Vulnerability ***
---------------------------------------------
https://secunia.com/advisories/56290


More information about the Daily mailing list