[CERT-daily] Daily summary - Friday 17-01-2014

Daily end-of-shift report team at cert.at
Fri Jan 17 18:07:06 CET 2014


=======================
= End-of-Shift report =
=======================

Timeframe:   Thursday 16-01-2014 18:00 − Friday 17-01-2014 18:00
Handler:     Alexander Riepl
Co-Handler:  Robert Waldner

*** JS-Binding-Over-HTTP Vulnerability and JavaScript Sidedoor: Security Risks Affecting Billions of Android App Downloads ***
---------------------------------------------
Third-party libraries, especially ad libraries, are widely used in Android apps. Unfortunately, many of them have security and privacy issues. In this blog, we summarize our findings related to the insecure usage of JavaScript binding in ad libraries.
---------------------------------------------
http://www.fireeye.com/blog/technical/2014/01/js-binding-over-http-vulnerability-and-javascript-sidedoor.html




*** ECAVA INTEGRAXOR BUFFER OVERFLOW VULNERABILITY ***
---------------------------------------------
Overview: This advisory is a follow-up to the alert titled ICS-ALERT-14-015-01 Ecava IntegraXor Buffer Overflow Vulnerability that was published January 15, 2014, on the NCCIC/ICS-CERT Web site.
Independent researcher Luigi Auriemma identified a buffer overflow vulnerability in the Ecava IntegraXor application without coordination with NCCIC/ICS-CERT, the vendor, or any other coordinating entity known to NCCIC/ICS-CERT. Ecava has produced a patch version that mitigates this vulnerability.
---------------------------------------------
http://ics-cert.us-cert.gov/advisories/ICSA-14-016-01




*** A Closer Look at the Target Malware, Part II ***
---------------------------------------------
Yesterday's story about the point-of-sale malware used in the Target attack has prompted a flood of reporting from antivirus and security vendors. Buried within those reports are some interesting details that speak to possible actors involved and to the timing and discovery of this breach.
---------------------------------------------
http://feedproxy.google.com/~r/KrebsOnSecurity/~3/V1LusjgMQk8/





*** HPSBUX02961 SSRT101420 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) ***
---------------------------------------------
A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS).
---------------------------------------------
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04085336




*** Thingbot: Botnet infects refrigerator ***
---------------------------------------------
A US security company has uncovered a botnet. What is unusual is that about a quarter of the infected devices are not computers but other Internet-capable devices, including a refrigerator. (Spam, Malware)
---------------------------------------------
http://www.golem.de/news/thingbot-botnetz-infiziert-kuehlschrank-1401-103978-rss.html




*** Microsoft deletes Tor software after Trojan infection ***
---------------------------------------------
Microsoft has deleted outdated Tor software, which a Trojan had installed, from several hundred thousand Windows PCs. The covertly installed service is said to still be active on up to two million computers.
---------------------------------------------
http://www.heise.de/security/meldung/Microsoft-loescht-Tor-Software-nach-Trojaner-Befall-2088160.html




*** Oldboot: the first bootkit on Android ***
---------------------------------------------
A few days ago, we found an Android Trojan using a brand new method to modify devices' boot partition and booting script file to launch a system service and extract a malicious application during the early stage of the system's booting. Due to the special RAM disk feature of Android devices' boot partition, all current mobile antivirus products in the world can't completely remove this Trojan or effectively repair the system. We named this Android Trojan family Oldboot. As far as we
---------------------------------------------
http://blogs.360.cn/360mobile/2014/01/17/oldboot-the-first-bootkit-on-android/





