[CERT-daily] Daily summary - Wednesday 23-12-2015

Daily end-of-shift report team at cert.at
Wed Dec 23 18:03:58 CET 2015


=======================
= End-of-Shift report =
=======================

Timeframe:   Tuesday 22-12-2015 18:00 − Wednesday 23-12-2015 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a



*** 2015 Ransomware Wrap-Up ***
---------------------------------------------
Here's a rundown of the innovative ransomware that frightened users and earned attackers big bucks this year.
---------------------------------------------
http://www.darkreading.com/endpoint/2015-ransomware-wrap-up/d/d-id/1323424




*** 3-in-1 Malware Infection through Spammed JavaScript Attachments ***
---------------------------------------------
Recently we've observed a massive uptick of malicious spam with JavaScript attachments with an intention to spread and infect Windows systems with a variety of malicious executables. The spam usually contains a ZIP file attachment containing only one JavaScript file. The ..
---------------------------------------------
https://www.trustwave.com/Resources/SpiderLabs-Blog/3-in-1-Malware-Infection-through-Spammed-JavaScript-Attachments/




*** IT bloke: Crooks stole my bikes after cycling app blabbed my address ***
---------------------------------------------
Brit suffers from GPS accuracy - An IT manager in Manchester, England, says thieves stole his bikes after a smartphone cycling app pinpointed the location of his garage ..
---------------------------------------------
www.theregister.co.uk/2015/12/22/it_manager_loses_bikes_after_cycling_app_pinpoints_home/




*** Xen Project blunder blows own embargo with premature bug report ***
---------------------------------------------
Malicious guest could eat your virtual rigs from the inside - The Xen Project has reported a new bug, XSA-169, that means 'A malicious guest could cause repeated logging to the hypervisor console, leading to a Denial of Service attack.' ..
---------------------------------------------
www.theregister.co.uk/2015/12/23/xen_blunder_blows_own_embargo_with_premature_bug_report/




*** Expect Phishers to Up Their Game in 2016 ***
---------------------------------------------
Expect phishers and other password thieves to up their game in 2016: Both Google and Yahoo! are taking steps to kill off the password as we know it. New authentication methods now offered by Yahoo! and to a beta group of Google users let customers log in just by supplying their email address, and then responding to a notification sent to their mobile device.
---------------------------------------------
http://krebsonsecurity.com/2015/12/expect-phishers-to-up-their-game-in-2016




*** Why it's harder to forge a SHA-1 certificate than it is to find a SHA-1 collision ***
---------------------------------------------
It's well known that SHA-1 is no longer considered a secure cryptographic hash function. Researchers now believe that finding a hash collision (two values that result in the same value when SHA-1 is applied) is inevitable and likely to happen in a matter of months. This poses a potential threat to trust on the web, as many websites use certificates that are digitally signed with algorithms that rely on SHA-1. Luckily for everyone, finding a hash collision is not enough to forge a digital
---------------------------------------------
https://blog.cloudflare.com/why-its-harder-to-forge-a-sha-1-certificate-than-it-is-to-find-a-sha-1-collision/




*** Cyber attacks on Turkish internet servers ***
---------------------------------------------
Background unclear - Is Russia behind it? Or Anonymous?
---------------------------------------------
http://derstandard.at/2000028013290




*** Hacker: Film stars with problems on the net ***
---------------------------------------------
Brand-new feature films such as Quentin Tarantino's latest western have surfaced on the internet. A number of other stars have an entirely different problem: a hacker obtained sex videos and personal data belonging to them - however, he has now been arrested.
---------------------------------------------
http://www.golem.de/news/hacker-filmstars-mit-problemen-im-netz-1512-118179.html




*** How a security director used a rootkit to rig the lottery and steal millions of dollars ***
---------------------------------------------
Not too long ago, Eddie Tipton was convicted of hacking into the Multi-State Lottery Association's computer system in order to rig a nearly $17 million jackpot in Iowa. Now comes word that an investigation into Tipton's hacking activities is expanding to include a number of other states. Thus far, lottery officials from Colorado, Wisconsin and Oklahoma have indicated that Tipton may have also gamed lottery jackpots in their respective states.
---------------------------------------------
https://bgr.com/2015/12/23/lottery-hacker-rootkit-stolen-numbers-investigation/




*** Siemens RUGGEDCOM ROX-based Devices NTP Vulnerabilities ***
---------------------------------------------
This advisory contains mitigation details for NTP daemon vulnerabilities in the Siemens RUGGEDCOM ROX-based devices.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-15-356-01


Due to the Christmas holidays, the next End-of-Shift report will not be published until 28.12.2015.



