[CERT-daily] Tageszusammenfassung - Freitag 14-11-2014

Fri Nov 14 18:09:11 CET 2014

=======================
= End-of-Shift report =
=======================

Timeframe:   Donnerstag 13-11-2014 18:00 − Freitag 14-11-2014 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a


*** Network Hijackers Exploit Technical Loophole ***
---------------------------------------------
Spammers have been working methodically to hijack large chunks of Internet real estate by exploiting a technical and bureaucratic loophole in the way that various regions of the globe keep track of the worlds Internet address ranges.
---------------------------------------------
http://krebsonsecurity.com/2014/11/network-hijackers-exploit-technical-loophole/


*** BASHLITE Affects Devices Running on BusyBox ***
---------------------------------------------
When news of the Shellshock vulnerability broke out at the end of September, we spotted several attacks that leveraged the said vulnerability, thus manifesting the prevalence or even evolution on how attackers used the ..
---------------------------------------------
http://blog.trendmicro.com/trendlabs-security-intelligence/bashlite-affects-devices-running-on-busybox/


*** OnionDuke: APT Attacks Via the Tor Network ***
---------------------------------------------
Recently, research was published identifying a Tor exit node, located in Russia, that was consistently and maliciously modifying any uncompressed Windows executables downloaded through it. Naturally this piqued our interest, so we decided to peer down the rabbit hole. Suffice to say, the hole was a lot deeper than we expected! In fact, it went all the way ..
---------------------------------------------
http://www.f-secure.com/weblog/archives/00002764.html


*** The Art of Website Malware Removal - The Basics ***
---------------------------------------------
When talking about defense against malicious hacks, the attack vector is a common topic for Information Security (InfoSec) professionals. The primary concern is to understand the anatomy of the attack and prevent it from happening ..
---------------------------------------------
http://blog.sucuri.net/2014/11/the-art-of-website-malware-removal-the-basics.html


*** Android 5: Lollipop verschlüsselt - noch besser ***
---------------------------------------------
Mehr Sicherheit für persönliche Daten: Ab Android 5.0 aktiviert Google die automatische Verschlüsselung. Es ist nur eine von vielen zusätzlichen Sicherheitsfunktionen in Lollipop. 
---------------------------------------------
http://www.golem.de/news/android-5-lollipop-verschluesselt-noch-besser-1411-110547.html


*** Gefälschte iOS-Apps: Apple sind keine Angriffe bekannt ***
---------------------------------------------
Apple sieht nach einer Warnung vor Hacker-Angriffen mit gefälschten iOS-Apps keinen akuten Handlungsbedarf. "Uns sind keine Kunden bekannt, die von einer solchen Attacke betroffen gewesen wären", erklärte der Konzern gegenüber ..
---------------------------------------------
http://www.heise.de/security/meldung/Gefaelschte-iOS-Apps-Apple-sind-keine-Angriffe-bekannt-2457188.html


*** Son of Stuxnet - The Digital Hunt for Duqu, a Dangerous and Cunning U.S.-Israeli Spy Virus ***
---------------------------------------------
Boldizsar Bencsath took a bite from his sandwich and stared at his computer screen. The software he was trying to install on his machine was taking forever to load, and he still had a dozen things to do before the Fall 2011 semester began at the Budapest University of Technology and Economics, where ..
---------------------------------------------
https://firstlook.org/theintercept/2014/11/12/stuxnet/


*** Android und iPhone beim Mobile Pwn2Own gefällt ***
---------------------------------------------
Alle drei grossen Mobil-Betriebssysteme sind bei der diesjährigen Mobile-Ausgabe von HPs Pwn2Own-Wettbewerb erfolgreichen Hacks zum Opfer gefallen. Der Angriff auf Windows Phone ist dabei allerdings im Vergleich noch eher harmlos.
---------------------------------------------
http://www.heise.de/security/meldung/Android-und-iPhone-beim-Mobile-Pwn2Own-gefaellt-2457183.html


*** SChannel Update and Experimental Vulnerability Scanner (MS14-066), (Fri, Nov 14th) ***
---------------------------------------------
Just a quick update on the SChannel problem (MS14-066, CVE-2014-6321). So far, there is still no public available exploit for the vulnerability, and details are still sparse. But apparently, there is some progress in developing a ..
---------------------------------------------
https://isc.sans.edu/diary.html?storyid=18953