[CERT-daily] Tageszusammenfassung - Mittwoch 19-03-2014

Wed Mar 19 19:00:36 CET 2014

=======================
= End-of-Shift report =
=======================

Timeframe:   Dienstag 18-03-2014 18:00 − Mittwoch 19-03-2014 18:00
Handler:     Alexander Riepl
Co-Handler:  Stephan Richter


*** Apache Update Resolves Security Vulnerabilities ***
---------------------------------------------
Apache has released version 2.4.9 of its ubiquitous HTTP web server (HTTPD), resolving two security vulnerabilities and a number of other bugs in the process.
---------------------------------------------
http://threatpost.com/apache-update-resolves-security-vulnerabilities/104849


*** Ebury-Rootkit: Zombie-Server greifen täglich eine halbe Million Rechner an ***
---------------------------------------------
Zu den Opfern der Malware-Kampagne "Operation Windigo" gehören unter anderem kernel.org und cPanel. Die mit dem Ebury-Rootkit infizierten Server versenden Spam und attackieren Besucher der kompromittierten Webseiten.
---------------------------------------------
http://www.heise.de/security/meldung/Ebury-Rootkit-Zombie-Server-greifen-taeglich-eine-halbe-Million-Rechner-an-2149609.html


*** Wide Gap Between Attackers, BIOS Forensics Research ***
---------------------------------------------
Advanced attackers are ahead of researchers when it comes to understanding firmware vulnerabilities and BIOS forensics, experts from MITRE and Intel said during last weeks CanSecWest.
---------------------------------------------
http://threatpost.com/wide-gap-between-attackers-bios-forensics-research/104852


*** Avast-Toolbar mit Shopping-Spion ***
---------------------------------------------
Die Browser-Toolbar, die unter anderem mit der Antivirensoftware auf den Rechner gelangt, schaut dem Nutzer beim Einkaufen über die Schulter und baut Konkurrenzangebot in die Shop-Seiten ein.
---------------------------------------------
http://www.heise.de/security/meldung/Avast-Toolbar-mit-Shopping-Spion-2149646.html


*** Data suggests Android malware threat greatly overhyped ***
---------------------------------------------
Its no secret that many in the security industry perceive Google Inc.s Android mobile platform to be plagued by malware, but Android security team lead Adrian Ludwig has made it his mission to eradicate the disingenuous meme of the burgeoning Android malware apocalypse.
---------------------------------------------
http://searchsecurity.techtarget.com/news/2240216335/Data-suggests-Android-malware-threat-greatly-overhyped


*** Mailingliste Full Disclosure macht dicht ***
---------------------------------------------
Die bekannte Sicherheits-Mailingliste wurde von ihrem Betreiber bis auf weiteres geschlossen. Full Disclosure war in der Vergangenheit immer wieder Schauplatz der Enthüllung wichtiger Sicherheitslücken.
---------------------------------------------
http://www.heise.de/security/meldung/Mailingliste-Full-Disclosure-macht-dicht-2150127.html


*** 10 Years of Mobile Malware: How Secure Are You? ***
---------------------------------------------
Believe it or not, but it has been 10 years since the first mobile malware was created! On the infographic below, you can see a brief overview of the most important malware events in the past 10 years, with a short description of each of them.
---------------------------------------------
https://www.linkedin.com/today/post/article/20140316112657-67886711-10-years-of-mobile-malware-how-secure-are-you


*** New Exploits Arrive for Old PHP Vulnerability ***
---------------------------------------------
New exploits for a two-year-old PHP vulnerability popped up in October that allow hackers to run code on websites running vulnerable versions of the web development framework.
---------------------------------------------
http://threatpost.com/new-exploits-arrive-for-old-php-vulnerability/104881


*** Fake Tor browser for iOS laced with adware, spyware, members warn ***
---------------------------------------------
Title available since November raises questions about App Store vetting process.
---------------------------------------------
http://feeds.arstechnica.com/~r/arstechnica/security/~3/qB_-ioinSh4/


*** WordPress Subscribe To Comments Reloaded Plugin Cross-Site Request Forgery Vulnerability ***
---------------------------------------------
https://secunia.com/advisories/57015


*** Moodle Multiple Security Issues and Multiple Vulnerabilities ***
---------------------------------------------
https://secunia.com/advisories/57331


*** Samba smbcacls security bypass ***
---------------------------------------------
http://xforce.iss.net/xforce/xfdb/91849