[CERT-daily] Tageszusammenfassung - Montag 7-12-2015

Daily end-of-shift report team at cert.at
Mon Dec 7 18:04:30 CET 2015


=======================
= End-of-Shift report =
=======================

Timeframe:   Freitag 04-12-2015 18:00 − Montag 07-12-2015 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a



*** OpenSSL-Sicherheits-Update und Abschied von Altlasten ***
---------------------------------------------
Im Rahmen eines Sicherheits-Updates verkündet das OpenSSL-Team, dass die Versionen 0.9.8 und 1.0.0 keine weiteren Updates mehr erhalten werden. Deren Nutzer sollten dringend auf neuere Versionen umsteigen.
---------------------------------------------
http://heise.de/-3032678




*** Bundestags-Hacker greifen weitere Nato-Staaten an ***
---------------------------------------------
Die professionellen Cyberattacken wurden mit hohem personellen und finanziellen Aufwand durchgeführt
---------------------------------------------
http://derstandard.at/2000026983302




*** Multiple Vulnerabilities in OpenSSL (December 2015) Affecting Cisco Products ***
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-openssl




*** Botconf 2015 Wrap-Up Day #3 ***
---------------------------------------------
And here is my wrap-up for the third day of the conference. Again a bunch of interesting talks. The first to join the floor was Yonathan Klijnsma who presented a nice history of the famous ransomware: Cryptowall. This ransomware has already ..
---------------------------------------------
https://blog.rootshell.be/2015/12/04/botconf-2015-wrap-up-day-3/




*** Between a Rock and a Hard Link ***
---------------------------------------------
In a previous blog post I described some of the changes that Microsoft has made to the handling of symbolic links from a sandboxed process. This has an impact on the exploitation of privileged file ..
---------------------------------------------
http://googleprojectzero.blogspot.com/2015/12/between-rock-and-hard-link.html




*** Microsoft assists law enforcement to help disrupt Dorkbot botnets ***
---------------------------------------------
Law enforcement agencies from around the globe, aided by Microsoft security researchers, have today announced the disruption of one of the most widely distributed malware families - Win32/Dorkbot. This malware family has infected more than ..
---------------------------------------------
http://blogs.technet.com/b/mmpc/archive/2015/12/03/microsoft-assists-law-enforcement-to-help-disrupt-dorkbot-botnets.aspx




*** Variety Jones, Alleged Silk Road Mentor, Arrested in Thailand ***
---------------------------------------------
Variety Jones, the alleged mentor and adviser to the Silk Roads creator, has finally been arrested in Thailand.
---------------------------------------------
http://www.wired.com/2015/12/variety-jones-alleged-silk-road-mentor-arrested-in-thailand/




*** A Micro-view of Macro Malware ***
---------------------------------------------
Dridex is a botnet with multiple features, it is most known for stealing people's credentials on finance-related web sites. Despite the arrest of the gang behind the ..
---------------------------------------------
http://labs.bromium.com/2015/12/03/a-micro-view-of-macro-malware/




*** Augen auf beim Weihnachts-Phish ***
---------------------------------------------
In der Hoffnung auf satte Gewinne haben Kriminelle kräftig in ein möglichst authentisches Erscheinungsbild ihrer Phishing-Kampagnen investiert. Es wird immer schwieriger, nicht auf die zum Teil fast perfekten Fälschungen hereinzufallen.
---------------------------------------------
http://heise.de/-3032829




*** Hello Barbie: Sicherheitsalbtraum im Kinderzimmer ***
---------------------------------------------
Interaktive Puppe für Kinder nun auch mit Lücken im Server und in der App
---------------------------------------------
http://derstandard.at/2000027045918




*** Netzwerk-Tools: Wireshark 2.0 und Nmap 7 veröffentlicht ***
---------------------------------------------
Passwort-Cracker hashcat nun Open-Source
---------------------------------------------
http://derstandard.at/2000027085336




*** GEOVAP Reliance 4 Control Server Unquoted Service Path Elevation Of Privilege ***
---------------------------------------------
The application suffers from an unquoted search path issue impacting the service RelianceOpcDaWrapper for Windows deployed as part of Reliance 4 SCADA/HMI system installer including Reliance OPC Server. This could potentially allow an authorized ..
---------------------------------------------
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5285.php




*** Web Analytics Service vulnerable to cross-site scripting ***
---------------------------------------------
The JavaScript module for using Web Analytics Service which was provided by NTT DATA Smart Sourcing Corporation contains a cross-site scripting vulnerability.
---------------------------------------------
http://jvn.jp/en/jp/JVN70083512/




*** Thriving Beyond The Operating System: Financial Threat Group TargetsVolume Boot Record ***
---------------------------------------------
https://www.fireeye.com/blog/threat-research/2015/12/fin1-targets-boot-record.html




*** Yahoo Mail: Webbrowser führten beliebigen Code in E-Mails aus ***
---------------------------------------------
Nutzer, die mobil E-Mails von ihrem Yahoo-Konto abrufen, waren bedroht und Angreifer hätten ihnen ohne viel Aufwand Schadcode unterschieben können.
---------------------------------------------
http://heise.de/-3033689




*** UK research network Janet under ongoing and persistent DDoS attack ***
---------------------------------------------
Attackers seem to be adjusting methods in response to Tweets Publicly-funded academic computer network Janet has come under a persistent DDoS attack today, which hobbled multiple ..
---------------------------------------------
www.theregister.co.uk/2015/12/07/janet_under_persistent_ddos_attack/




*** Security Advisory: AOL Desktop MiTM Remote File Write and Code Execution ***
---------------------------------------------
AOL Desktop is "the all-in-one experience with mail, instant messaging, browsing, search, content, and dial-up connectivity". It is the direct successor of the old Windows AOL clients from the 1990s. Issues in AOL Desktop, version ..
---------------------------------------------
http://lizardhq.org/2015/12/05/aol-desktop.html


Aufgrund des Feiertages am morgigen Dienstag, den 08.12.2015, erscheint der nächste End-of-Shift Report erst am 09.12.2015.


More information about the Daily mailing list