[CERT-daily] Daily Summary - Friday 2-01-2015

Daily end-of-shift report team at cert.at
Fri Jan 2 18:11:29 CET 2015


=======================
= End-of-Shift report =
=======================

Timeframe:   Tuesday 30-12-2014 18:00 − Friday 02-01-2015 18:00
Handler:     Alexander Riepl
Co-Handler:  Robert Waldner

*** Miss a talk from the 31st CCC this year? No worries - they're all already available online. (Reddit) ***
---------------------------------------------
http://www.reddit.com/r/netsec/comments/2qvuog/miss_a_talk_from_the_31st_ccc_this_year_no/




*** Wordpress 4.1 XSS & CSRF Web Vulnerability ***
---------------------------------------------
The Hackyard Security Group Researcher-Team led by 0x0A discovered a cross site request forgery issue and a cross site vulnerability in the Wordpress 4.1
---------------------------------------------
http://cxsecurity.com/issue/WLB-2014120203




*** Log Analysis for Web Attacks: A Beginner's Guide ***
---------------------------------------------
It is often the case that web applications face suspicious activities due to various reasons, such as a kid scanning a website using an automated vulnerability scanner or a person trying to fuzz a parameter for SQL Injection, etc. In many such cases, logs on the webserver have to be analyzed to figure out what is going on. If it is a serious case, it may require a forensic investigation.
Apart from this, there are other scenarios as well.
---------------------------------------------
http://resources.infosecinstitute.com/log-analysis-web-attacks-beginners-guide/




*** Google Researcher Publishes Unpatched Windows 8.1 Security Vulnerability ***
---------------------------------------------
An anonymous reader writes "Google's security research database has after a 90 day timeout automatically undisclosed a Windows 8.1 vulnerability which Microsoft hasn't yet patched. By design the system call NtApphelpCacheControl() in ahcache.sys allows application compatibility data to be cached for quick reuse when new processes are created. A normal user can query the cache but cannot add new cached entries as the operation is restricted to administrators. This is checked in the function
---------------------------------------------
http://rss.slashdot.org/~r/Slashdot/slashdot/~3/Q5qBW3crGPY/story01.htm





*** 2014 Website Defacements ***
---------------------------------------------
Defacements are the most visual and obvious hack that a website can suffer from. They also come parcelled with their own exquisite sense of dread. Nothing gives that gut-wrenching feeling of "I've been hacked" more than seeing this: Most malware that we see on a daily basis is driven by some desire to profit off
---------------------------------------------
http://blog.sucuri.net/2015/01/website-hacks-defacements-2014.html




*** Spamhaus Botnet Summary 2014 ***
---------------------------------------------
As 2014 ends, Spamhaus reviews the botnet threats that it detected in the past year, and provides facts and useful suggestions for ISPs and web hosts on the front lines of the battle against cybercrime. To nobody's surprise, botnet activity appears to be increasing. The majority of detected botnets are targeted at obtaining and exploiting banking and financial information. Botnet controllers (C&Cs) are hosted disproportionately on ISPs with understaffed abuse departments, inadequate abuse
---------------------------------------------
http://www.spamhaus.org/news/article/720/spamhaus-botnet-summary-2014




*** Phil Zimmerman (PGP), Ladar Levison (Lavabit), & Team release Secure Email Protocol DIME ***
---------------------------------------------
Full specs here: https://darkmail.info/downloads/dark-internet-mail-environment-december-2014.pdf (PDF)
Full source code (libraries) here: https://github.com/lavabit/
Website: http://darkmail.info/
---------------------------------------------
http://www.reddit.com/r/netsec/comments/2qu2er/phil_zimmerman_pgp_ladar_levison_lavabit_team/




*** Trojan-horse hardware - a student prank demonstrates how easy it is to substitute a PIC for a dumb logic chip (Reddit) ***
---------------------------------------------
http://www.reddit.com/r/netsec/comments/2r3cfs/trojanhorse_hardware_a_student_prank_demonstrates/




*** Introduction to RFID Security ***
---------------------------------------------
The main problem with RFID is related to its frequency. Someone with specific tools and enough knowledge on RFID (including complete documentation) could analyze the working frequency of an RFID tag and then decode the data or perform an attack such as cloning the RFID or doing a Denial-of-Service attack.
---------------------------------------------
http://resources.infosecinstitute.com/introduction-rfid-security/




*** Hackers claim they've found a frighteningly easy way to hack your iCloud account (Yahoo Security) ***
---------------------------------------------
... a hacker known as Pr0x13 has released a tool called iDict on GitHub that is capable of bypassing restrictions and authentication on any iCloud account, potentially giving hackers unfettered access to iOS devices.
---------------------------------------------
http://news.yahoo.com/hackers-claim-ve-found-frighteningly-easy-way-hack-154010465.html





