[CERT-daily] Tageszusammenfassung - Mittwoch 7-05-2014

Daily end-of-shift report team at cert.at
Wed May 7 18:17:35 CEST 2014


=======================
= End-of-Shift report =
=======================

Timeframe:   Dienstag 06-05-2014 18:00 − Mittwoch 07-05-2014 18:00
Handler:     L. Aaron Kaplan
Co-Handler:  Stephan Richter




*** TLS 1.3 Working Group Has Consensus to Deprectate RSA Key Transport ***
---------------------------------------------
RSA key transport cipher suites could be deprecated in TLS 1.3 in favor of Diffie-Hellman Exchange or Elliptic curve Diffie-Hellman.
---------------------------------------------
http://threatpost.com/tls-1-3-working-group-has-consensus-to-deprectate-rsa-key-transport/105916




*** Antivirus is Dead: Long Live Antivirus! ***
---------------------------------------------
An article in The Wall Street Journal this week quoted executives from antivirus pioneer Symantec uttering words that would have been industry heresy a few years ago, declaring antivirus software "dead" and stating that the company is focusing on developing technologies that attack online threats from a different angle. This hardly comes as news for anyone in the security industry whos been paying attention over the past few years, but Im writing about it because this is a great
---------------------------------------------
http://feedproxy.google.com/~r/KrebsOnSecurity/~3/INOFThmd17Q/




*** Sicherheit im Fokus der Linuxwochen in Wien ***
---------------------------------------------
Von 8. bis 10. Mai finden auf der FH Technikum Wien zahlreiche Vorträge und Workshops zu Linux, Open Data und Open Source statt.
---------------------------------------------
http://futurezone.at/digital-life/sicherheit-im-fokus-der-linuxwochen-in-wien/64.252.888




*** Video: NEXT Berlin ***
---------------------------------------------
Mikko spoke at NEXT Berlin yesterday:And the video is now online: Arms Race. [24m15s] On 06/05/14 At 12:31 PM
---------------------------------------------
http://www.f-secure.com/weblog/archives/00002701.html




*** Erpressungstrojaner drohen Android-Nutzern ***
---------------------------------------------
Sicherheitsforscher haben den ersten Trojaner entdeckt, der Android-Geräte befällt und von seinen Opfern Lösegeld erpresst. Der Schadcode mit dem Namen Koler.A befällt bereits Smartphones weltweit.
---------------------------------------------
http://www.heise.de/security/meldung/Erpressungstrojaner-drohen-Android-Nutzern-2183800.html




*** Security: Gegen die Angst vor Angriffen aufs Smartphone ***
---------------------------------------------
Für das Re:publica-Publikum haben die Sicherheitsexperten Linus Neumann und Ben Schlabs ein paar Tipps parat, wie Smartphones gesichert werden können. Und sie zeigen, wie Siri als Einbruchhelfer missbraucht werden kann.
---------------------------------------------
http://www.golem.de/news/security-gegen-die-angst-vor-angriffen-aufs-smartphone-1405-106313-rss.html




*** Hintergrund: SSL-Fuzzing mit "Frankencerts" ***
---------------------------------------------
Durch das Zusammenstückeln von Tausenden von echten SSL-Zertifikaten zu über acht Millionen "Frankencerts" haben Forscher Lücken in gängigen SSL-Bibliotheken gefunden.
---------------------------------------------
http://www.heise.de/security/artikel/SSL-Fuzzing-mit-Frankencerts-2166135.html




*** New DNS Spoofing Technique: Why we havent covered it., (Wed, May 7th) ***
---------------------------------------------
The last couple of days, a lot of readers sent us links to articles proclaiming yet another new flaw in DNS. "Critical Vulnerability in BIND Software Puts DNS Protocol Security At Risk" [1] claimed one article, going forward to state: "The students have found a way to compel DNS servers to connect with a specific server controlled by the attacker that could respond with a false IP address. “ So how bad is this really? First of all, here is a the
---------------------------------------------
http://isc.sans.edu/diary.html?storyid=18079&rss




*** OpenBSD-Entwickler bezweifeln angebliche OpenSSH-Schwachstelle ***
---------------------------------------------
Der Exploit soll so schlimm wie der SSL-GAU Heartbleed sein und die wichtige Unix-Bibliothek OpenSSH betreffen. Allerdings sagen viele Entwickler, dass die Lücke wahrscheinlich nicht existiert.
---------------------------------------------
http://www.heise.de/security/meldung/OpenBSD-Entwickler-bezweifeln-angebliche-OpenSSH-Schwachstelle-2184431.html




*** Advanced Evasion Techniques (AET) a Major Concern for CIOs ***
---------------------------------------------
According to a new Vanson Bourne study sponsored by McAfee, CIOs are adding yet another threat to their ever-growing list of network security concerns: Advanced Evasion Techniques, or AETs. Unlike Advanced Persistent Threats (APTs) and other advanced malware, Advanced Evasion Techniques are not types of malicious software. Rather, they are a technique used by threat [...]The post Advanced Evasion Techniques (AET) a Major Concern for CIOs appeared first on Seculert Blog on Advanced Threats and
---------------------------------------------
http://www.seculert.com/blog/2014/05/advanced-evasion-techniques-aet-a-major-concern-for-cios.html




*** ABB Relion 650 Series OpenSSL Vulnerability ***
---------------------------------------------
ABB has identified an OpenSSL vulnerability in its Relion 650 series application. ABB is in the process of creating a patch that mitigates this vulnerability. This vulnerability could be exploited remotely. Exploits that target this vulnerability are known to be publicly available.
---------------------------------------------
http://ics-cert.us-cert.gov/advisories/ICSA-14-126-01




*** Security Advisory- BootRom Menu and Boot Menu Vulnerabilities on Huawei Campus Switches ***
---------------------------------------------
Some versions of Huawei Campus S7700/S9300/S9700 switches are affected by the BootRom and Boot Menu vulnerability.
---------------------------------------------
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-334629.htm




*** VU#902790: Fortinet Fortiweb 5.1 contains a cross-site request forgery vulnerability ***
---------------------------------------------
Vulnerability Note VU#902790 Fortinet Fortiweb 5.1 contains a cross-site request forgery vulnerability Original Release date: 07 May 2014 | Last revised: 07 May 2014   Overview Fortinet Fortiweb prior to version 5.2.0 do not sufficiently verify whether a valid request was intentionally provided by the user, which results in a cross-site request forgery (CSRF) vulnerability. (CWE-352)  Description CWE-352: Cross-Site Request Forgery (CSRF)Fortinet Fortiweb prior to version 5.2.0 do not...
---------------------------------------------
http://www.kb.cert.org/vuls/id/902790




*** HPSBMU02994 rev.4 - HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL, Remote Disclosure of Information ***
---------------------------------------------
A potential security vulnerability has been identified in HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL. This is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information.
---------------------------------------------
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04236062


More information about the Daily mailing list