[CERT-daily] Tageszusammenfassung - Donnerstag 15-05-2014

Daily end-of-shift report team at cert.at
Thu May 15 18:12:23 CEST 2014


=======================
= End-of-Shift report =
=======================

Timeframe:   Mittwoch 14-05-2014 18:00 − Donnerstag 15-05-2014 18:00
Handler:     Alexander Riepl
Co-Handler:  Robert Waldner



*** VOBFUS Evolves, Adds Multiple Languages ***
---------------------------------------------
VOBFUS malware is known for its polymorphic abilities, which allow for easy generation of new variants. We recently came across one variant that replaces these abilities for one never seen in VOBFUS malware before - the ability to 'speak'  ..
---------------------------------------------
http://blog.trendmicro.com/trendlabs-security-intelligence/vobfus-evolves-adds-multiple-languages/



*** Zeus - Reach Expands With New Webinjects ***
---------------------------------------------
The peer-to-peer version of Zeus was especially busy in the first quarter with infections reported by banks in 10 countries that previously had ..
---------------------------------------------
http://threatpost.com/zeus-reach-expands-with-new-webinjects/106092




*** Blog: Fake antivirus - attack of the clones ***
---------------------------------------------
http://www.securelist.com/en/blog/8221/Fake_antivirus_attack_of_the_clones




*** Placebo-Virenschutz jetzt auch für Windows Phone ***
---------------------------------------------
Augen auf beim Virenscanner-Kauf: Auch im Windows-Phone-Store wimmelt es nur so von Apps, die rein gar nichts tun - ausser Geld zu kosten.
---------------------------------------------
http://www.heise.de/security/meldung/Placebo-Virenschutz-jetzt-auch-fuer-Windows-Phone-2190382.html




*** Facebook-Virus schürft verdeckt Kryptomünzen ***
---------------------------------------------
Der zuerst in Norwegen aufgetauchte Schadcode verbreitet sich über Facebook-Nachrichten und infiziert seine Opfer, wenn diese eine angehängte Datei öffnen. Ist der Schadcode auf dem System, wird dieses deutlich ..
---------------------------------------------
http://www.heise.de/security/meldung/Facebook-Virus-schuerft-verdeckt-Kryptomuenzen-2190556.html




*** Firms must protect against malicious ads ***
---------------------------------------------
The Senate warned Google, Yahoo and other leading technology companies Thursday they need to better protect consumers from hackers exploiting their lucrative online advertising networks or risk new legislation that would force them to do so.
---------------------------------------------
http://m.apnews.com/ap/db_15897/contentdetail.htm?contentguid=8dJLuw6G




*** Bugtraq: CSRF and Remote Code Execution in EGroupware ***
---------------------------------------------
http://www.securityfocus.com/archive/1/532103




*** SSA-839231: Incorrect Certificate Verification in Ruggedcom ROX-based Devices ***
---------------------------------------------
https://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-839231.pdf




Multiple vulnerabilities in Juniper products
---------------------------------------------
http://kb.juniper.net/index?page=content&id=JSA10627
http://kb.juniper.net/index?page=content&id=JSA10626
http://kb.juniper.net/index?page=content&id=JSA10625




Multiple vulnerabilities in Drupal third-party-modules
---------------------------------------------
https://drupal.org/node/2267539
https://drupal.org/node/2267485
https://drupal.org/node/2267381
https://drupal.org/node/2267481


More information about the Daily mailing list