[CERT-daily] Tageszusammenfassung - Donnerstag 11-09-2014

Daily end-of-shift report team at cert.at
Thu Sep 11 18:08:52 CEST 2014


=======================
= End-of-Shift report =
=======================

Timeframe:   Mittwoch 10-09-2014 18:00 − Donnerstag 11-09-2014 18:00
Handler:     Robert Waldner
Co-Handler:  Alexander Riepl



*** iOS 8 stopft Hintertüren weitestgehend ***
---------------------------------------------
Apple hat die für Diagnosezwecke gedachten Systemdienste in iOS 8 grösstenteils abgeschottet, berichtet ein Sicherheitsforscher. Bislang lassen sich darüber zahlreiche Nutzerdaten auslesen.
---------------------------------------------
http://www.heise.de/security/meldung/iOS-8-stopft-Hintertueren-weitestgehend-2389447.html




*** Multiple vulnerabilities in Juniper products ***
---------------------------------------------
http://kb.juniper.net/index?page=content&id=JSA10646
http://kb.juniper.net/index?page=content&id=JSA10645
http://kb.juniper.net/index?page=content&id=JSA10647




*** IBM Security Bulletin: Fixes available for Security Vulnerabilities in IBM WebSphere Portal (CVE-2014-4762; CVE-2014-4792) ***
---------------------------------------------
https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_fixes_available_for_security_vulnerabilities_in_ibm_websphere_portal_cve_2014_4762_cve_2014_4792?lang=en_us




*** Apache Warns of Tomcat Remote Code Execution Vulnerability ***
---------------------------------------------
Some older versions of Apache Tomcat, the company's open source web server and servlet container, are vulnerable to remote code execution.
---------------------------------------------
http://threatpost.com/apache-warns-of-tomcat-remote-code-execution-vulnerability/108192




*** IBM Security Bulletin: Administrator password can be reset without authentication on SAN Volume Controller and Storwize Family (CVE-2014-4811) ***
---------------------------------------------
https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_administrator_password_can_be_reset_without_authentication_on_san_volume_controller_and_storwize_family_cve_2014_4811




*** AIX OpenSSL Denial of Service due to double free ***
---------------------------------------------
https://www-304.ibm.com/connections/blogs/PSIRT/entry/aix_openssl_denial_of_service_due_to_double_free




*** Cisco Unified Communications Manager GLIBC Arbitrary Code Execution Vulnerability ***
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-5119




*** Cisco TelePresence System MXP Series Software Denial of Service Vulnerability ***
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3362




*** SA-CONTRIB-2014-087 - Drupal Commerce - Information disclosure ***
---------------------------------------------
Drupal Commerce is used to build eCommerce websites and applications of all sizes. The commerce_order module can be used to create new user accounts where email addresses are used as user names. Since user names are not considered ..
---------------------------------------------
https://www.drupal.org/node/2336357




*** Oracle MySQL Server MyISAM code execution ***
---------------------------------------------
http://xforce.iss.net/xforce/xfdb/95881




*** Swiss economy makes online security its priority ***
---------------------------------------------
Switzerland is one of the safest countries in the world. To make also the Internet a secure place in Switzerland, the Swiss online economy has started the Swiss Internet ..
---------------------------------------------
http://securityblog.switch.ch/2014/09/11/swiss-economy-makes-online-security-its-priority/




*** SHA1 deprecation: what you need to know ***
---------------------------------------------
The news is that SHA1, a very popular hashing function, is on the way out. Strictly speaking, this development is not new. The first signs of weaknesses in SHA1 appeared (almost) ten years ago. In 2012, some calculations showed how breaking SHA1 is becoming feasible for those who can afford it. In November 2013, Microsoft announced that they wouldnt be accepting SHA1 certificates after 2016.
---------------------------------------------
http://blog.ivanristic.com/2014/09/sha1-deprecation-what-you-need-to-know.html




*** Tabnabbing: A New Type of Phishing Attack ***
---------------------------------------------
Most phishing attacks depend on an original deception. If you detect that you are at the wrong URL, or that something is amiss on a page, the chase is up. You've escaped the attackers. In fact, the time that wary people are most wary is exactly when they first navigate to a site. What we don't expect is that a page we've been looking at will change behind our backs, when we aren't looking. That'll catch us by surprise.
---------------------------------------------
http://www.azarask.in/blog/post/a-new-type-of-phishing-attack/




*** Sicherheitslücke in vielen WordPress-Themes ***
---------------------------------------------
Ein Fehler im beliebten Plug-in Slider Revolution erlaubt es, beliebige Dateien vom Webserver herunterzuladen. Damit kann ein Angreifer im schlimmsten Fall den ganzen Server kompromittieren. Das Plug-in ist in einer grossen Zahl von Themes fest verbaut.
---------------------------------------------
http://www.heise.de/security/meldung/Sicherheitsluecke-in-vielen-WordPress-Themes-2390055.html




*** A system that facilitates malware identification in smartphones ***
---------------------------------------------
The tool, developed by these UC3M researchers, baptized DENDROID and detailed in a study published in the review Expert Systems with Applications, allows security analysts to scrutinize a large quantity of apps to determine the origins of a malware sample and the family to which it belongs.
---------------------------------------------
http://www.alphagalileo.org/ViewItem.aspx?ItemId=145206




*** Home Articles PCI Updates Skimming Prevention Guide - Best Practices for Protecting Merchants from POS Attacks ***
---------------------------------------------
At a time when retailers are seeing a surge in point-of-sale breaches, The PCI Security Standards Council has released an update to its guidance for merchants on protecting against card skimming attacks in POS environments.
---------------------------------------------
http://www.bankinfosecurity.co.uk/pci-updates-skimming-prevention-guide-a-7300




*** Key Flaw Enables Recovery of Files Encrypted by TorrentLocker ***
---------------------------------------------
Crypto ransomware, a relatively unknown phenomenon a couple of years ago, has exploded into one of the nastier malware problems for Internet users. Variants such as CryptoLocker and CryptoWall have been siphoning money from victims for some time, and now researchers have dissected a newer ..
---------------------------------------------
http://threatpost.com/key-flaw-enables-recovery-of-files-encrypted-by-torrentlocker/108210





More information about the Daily mailing list