[CERT-daily] Daily summary - Thursday 5-02-2015

Daily end-of-shift report team at cert.at
Thu Feb 5 18:06:36 CET 2015


=======================
= End-of-Shift report =
=======================

Timeframe:   Wednesday 04-02-2015 18:00 − Thursday 05-02-2015 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a



*** Zero-day in the Fancybox-for-WordPress Plugin ***
---------------------------------------------
Our research team was alerted to a possible malware outbreak affecting many WordPress websites. All the infections had a similar malicious iframe from '203koko' injected into the website. We were also directed to a forum thread ..
---------------------------------------------
http://blog.sucuri.net/2015/02/zero-day-in-the-fancybox-for-wordpress-plugin.html




*** SA-CONTRIB-2015-037 - Path Breadcrumbs - Access Bypass ***
---------------------------------------------
https://www.drupal.org/node/2420139




*** Analyzing CVE-2015-0313: The New Flash Player Zero Day ***
---------------------------------------------
Adobe has started rolling out an update to Flash Player which fixes the zero-day vulnerability we discussed earlier this week. This particular vulnerability can be exploited ..
---------------------------------------------
http://blog.trendmicro.com/trendlabs-security-intelligence/analyzing-cve-2015-0313-the-new-flash-player-zero-day




*** Russian malware targets iOS devices, siphons off all data ***
---------------------------------------------
The IT security firm "TrendLabs" reports that spyware named XAgent has now spread to iPhones and iPads. The malware was already in the news last year, when the application attacked Windows computers in government organizations, ..
---------------------------------------------
http://derstandard.at/2000011311181




*** Security standards ignored: BMW hack was avoidable ***
---------------------------------------------
The recently disclosed hack of BMW-brand cars could easily have been avoided. The computer magazine c’t shows in detail how the car manufacturer [...] central ..
---------------------------------------------
http://derstandard.at/2000011322698




*** Flash Zero Days Dominate Exploit Landscape ***
---------------------------------------------
The recent Flash zero-day vulnerabilities and exploits have uncovered the relatively quiet Hanjuan exploit kit, and further exposed the dangers of malvertising.
---------------------------------------------
http://threatpost.com/flash-zero-days-dominate-exploit-landscape/110871




*** Internet Explorer Cross-Site Scripting Vulnerability Now Public ***
---------------------------------------------
Security researcher David Leo has disclosed a new vulnerability in Microsoft Internet Explorer. The vulnerability allows the same origin policy of the browser to be violated. The same-origin policy restricts how a document or ..
---------------------------------------------
http://blog.trendmicro.com/trendlabs-security-intelligence/internet-explorer-cross-site-scripting-vulnerability-now-public/




*** Anatomy of a Brute Force Campaign: The Story of Hee Thai Limited ***
---------------------------------------------
This is the tale of an ongoing SSH brute forcing campaign, targeting servers and network devices, that distributes a new family of Linux rootkit malware named 'XOR.DDoS'. While typical DDoS bots are straightforward in operation and often programmed in a high-level script such as PHP or Perl, the XOR.DDoS family is programmed in C/C++ and incorporates multiple ..
---------------------------------------------
https://www.fireeye.com/blog/threat-research/2015/02/anatomy_of_a_brutef.html




*** Security updates available for Adobe Flash Player (APSB15-04) ***
---------------------------------------------
A Security Bulletin (APSB15-04) has been published regarding security updates for Adobe Flash Player. These updates address CVE-2015-0313, which is being actively exploited in the wild via drive-by-download attacks against systems ..
---------------------------------------------
https://blogs.adobe.com/psirt/?p=1175





