[CERT-daily] Daily summary - Monday 26-05-2014

Daily end-of-shift report team at cert.at
Mon May 26 18:40:09 CEST 2014


=======================
= End-of-Shift report =
=======================

Timeframe:   Friday 23-05-2014 18:00 − Monday 26-05-2014 18:00
Handler:     Christian Wojner
Co-Handler:  Stephan Richter




*** Long run compromised accounting data based type of managed iframe-ing service spotted in the wild ***
---------------------------------------------
In a cybercrime ecosystem dominated by DIY (do-it-yourself) malware/botnet generating releases, populating multiple market segments on a systematic basis, cybercriminals continue seeking new ways to acquire and efficiently monetize fraudulently obtained accounting data, for the purpose of achieving a positive ROI (Return on Investment) on their fraudulent operations. In a series of blog posts, we've been detailing the existence of commercially available server-based malicious...
---------------------------------------------
http://feedproxy.google.com/~r/WebrootThreatBlog/~3/HvVQ_hnfyXQ/




*** RAT in a jar: A phishing campaign using Unrecom + IOC's ***
---------------------------------------------
In the past two weeks, we have observed an increase in attack activity against the U.S. state and local government, technology, advisory services, health, and financial sectors through phishing emails with what appears to be a remote access trojan (RAT) known as Unrecom. The attack has also been observed against the financial sector in Saudi Arabia and Russia.
---------------------------------------------
http://www.fidelissecurity.com/webfm_send/382 (PDF)
http://www.fidelissecurity.com/files/files/FTA1013_RAT_in_a_jar_IOCs.xlsx




*** Hackers claim MitM attack enables iCloud security feature bypass ***
---------------------------------------------
Hackers claim that the iOS Activation Lock, a feature that makes it harder for crooks to use and sell lost or stolen Apple mobile devices, can be bypassed in a MitM attack.
---------------------------------------------
http://feedproxy.google.com/~r/SCMagazineHome/~3/kJtdTS-KQeU/




*** US may block visas for Chinese hackers attending DefCon, Black Hat ***
---------------------------------------------
Organizers of those conferences skeptical of the move to exclude Chinese nationals.
---------------------------------------------
http://feeds.arstechnica.com/~r/arstechnica/security/~3/Cny7FF2H8rU/




*** Warning about update hack for Windows XP ***
---------------------------------------------
With a trick, you can make Microsoft's update server believe you are running a special version of Windows XP that will continue to receive updates until April 2019. However, this is not entirely without risk.
---------------------------------------------
http://www.heise.de/newsticker/meldung/Warnung-vor-Update-Hack-fuer-Windows-XP-2197645.html/from/rss09?wt_mc=rss.ho.beitrag.rdf

