[CERT-daily] Daily summary - Wednesday 29-01-2014

Daily end-of-shift report team at cert.at
Wed Jan 29 18:11:31 CET 2014


=======================
= End-of-Shift report =
=======================

Timeframe:   Tuesday 28-01-2014 18:00 − Wednesday 29-01-2014 18:00
Handler:     Stephan Richter
Co-Handler:  n/a




*** Introducing ModSecurity Status Reporting ***
---------------------------------------------
The Trustwave SpiderLabs Research team is committed to making ModSecurity the best open source WAF possible. To this end, we have deployed Buildbot platforms and revamped regression tests for our different ports to ensure code quality and reliability. But we want to take it even further. The question is, how else can we improve ModSecurity development and support? To best answer that question, we need some basic insight into the ModSecurity user community:  How many ModSecurity deployments are...
---------------------------------------------
http://blog.spiderlabs.com/2014/01/introducing-modsecurity-status-reporting.html




*** Defending Against Tor-Using Malware, Part 1 ***
---------------------------------------------
In the past few months, the Tor anonymity service has been in the news for various reasons. Perhaps most infamously, it was used by the now-shuttered Silk Road underground marketplace. We delved into the topic of the Deep Web in a white paper titled Deepweb and Cybercrime. In our 2014 predictions, we noted that cybercriminals would go deeper...
---------------------------------------------
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/F4F76IP9KP8/




*** Eyeing SpyEye ***
---------------------------------------------
Earlier this week, it was announced by the United States Department of Justice that the creator of the notorious SpyEye banking malware, Aleksandr Andreevich Panin (also known as Gribodemon or Harderman), had pleaded guilty before a federal court to charges related to creating and distributing SpyEye. Trend Micro was a key part of this investigation...
---------------------------------------------
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/4eIEz-KJvXo/




*** This tool demands access to YOUR ENTIRE DIGITAL LIFE. Is it from GCHQ? No - it's by IKEA ***
---------------------------------------------
Order a flat-pack kitchen, surrender your HDD's contents. If the Target hack - along with all its predecessors - taught us anything, it's that the database isn't the vulnerability. It's the data that's the problem.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2014/01/29/ikea_demands_access_all_areas_for_kitchen_tool/




*** Botnet exploits vulnerability in old Java versions ***
---------------------------------------------
Security experts have discovered malware that exploits a Java vulnerability closed months ago to build a botnet. The program runs on Windows, Linux and Mac OSX; the remedy is simple.
---------------------------------------------
http://www.heise.de/security/meldung/Botnetz-nutzt-Luecke-in-alten-Java-Versionen-2099839.html




*** Cisco Network Time Protocol Distributed Reflective Denial of Service Vulnerability ***
---------------------------------------------
A vulnerability in the Network Time Protocol (NTP) package of several Cisco products could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5211




*** Cisco Identity Services Engine Cross-Site Scripting Vulnerabilities ***
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0680
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0681




*** WordPress WebEngage Plugin Multiple Cross-Site Scripting Vulnerabilities ***
---------------------------------------------
Multiple vulnerabilities have been discovered in the WebEngage plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
---------------------------------------------
https://secunia.com/advisories/56700

