[CERT-daily] Tageszusammenfassung - Mittwoch 8-07-2015

Wed Jul 8 18:02:20 CEST 2015

=======================
= End-of-Shift report =
=======================

Timeframe:   Dienstag 07-07-2015 18:00 − Mittwoch 08-07-2015 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a


*** Security Advisory for Adobe Flash Player (APSA15-03) ***
---------------------------------------------
A Security Advisory (APSA15-03) has been published regarding a critical vulnerability (CVE-2015-5119) in Adobe Flash Player 18.0.0.194 and earlier versions for Windows, ..
---------------------------------------------
https://blogs.adobe.com/psirt/?p=1223


*** Security Updates Available for Adobe Flash Player (APSB15-16) ***
---------------------------------------------
A security bulletin (APSB15-16) has been published regarding security updates for Adobe Flash Player. These updates address critical vulnerabilities that could potentially ..
---------------------------------------------
https://blogs.adobe.com/psirt/?p=1228


*** Multiple vulnerabilities in Cisco products ***
---------------------------------------------
http://tools.cisco.com/security/center/viewAlert.x?alertId=39675
http://tools.cisco.com/security/center/viewAlert.x?alertId=39643
http://tools.cisco.com/security/center/viewAlert.x?alertId=39641
http://tools.cisco.com/security/center/viewAlert.x?alertId=39623


*** CVE-2015-5119 (HackingTeam 0d - Flash up to 18.0.0.194) and Exploit Kits ***
---------------------------------------------
http://malware.dontneedcoffee.com/2015/07/hackingteam-flash-0d-cve-2015-xxxx-and.html


*** When ‘int’ is the new ‘short’  ***
---------------------------------------------
This is going to be a quick post, just describing a particularly interesting Chrome issue that I found last month; how I found it; and what is interesting about it�I was looking through some Chrome networking code; and I noticed an interesting API design ..
---------------------------------------------
http://googleprojectzero.blogspot.com/2015/07/when-int-is-new-short.html


*** Windows 10 kann WLAN-Passwörter an Kontakte verteilen ***
---------------------------------------------
In Windows 10 lässt sich das WLAN-Passwort automatisch an Facebook-Freunde oder Skype-Kontakte verteilen. Das erspart das lästige Diktieren von Kennwörtern bei Besuch, bringt aber auch Risiken mit sich. 
---------------------------------------------
http://www.golem.de/news/it-sicherheit-windows-10-kann-wlan-passwoerter-an-kontakte-verteilen-1507-115107.html


*** Schwachstelle in Nameserversoftware BIND 9 ***
---------------------------------------------
Ein Angreifer, der einen Nameserver mit aktivierter DNSSEC-Validierung dazu bringen kann, eine Zone mit speziellem Inhalt abzufragen, kann den Nameserver zum Absturz bringen.
---------------------------------------------
https://cert.at/warnings/all/20150708.html


*** "Zero-Day"-Sicherheitslücke in Adobe Flash Player (aktiv ausgenützt) - Patches jetzt verfügbar ***
---------------------------------------------
Durch Ausnutzen dieser Lücke kann ein Angreifer vermutlich vollständige Kontrolle über betroffene Systeme erlangen. Damit sind alle Daten auf diesen Systemen, sowie alle durch diese erreichbaren (etwa durch Login, VPN etc.) Daten und Systeme gefährdet. 
---------------------------------------------
https://cert.at/warnings/all/20150708-2.html


*** Dyre Banking Trojan Exploits CVE-2015-0057 ***
---------------------------------------------
CVE-2015-0057 is a Use-After-Free vulnerability that exists in the win32k.sys component of the Windows Kernel which can be exploited to perform local privilege escalation. The vulnerability was reported to Microsoft by Udi Yavo, and, after the patch ..
---------------------------------------------
https://www.fireeye.com/blog/threat-research/2015/07/dyre_banking_trojan.html


*** Prenotification: Upcoming Security Updates for Adobe Acrobat and Reader (APSB15-15) ***
---------------------------------------------
A prenotification security advisory has been posted regarding upcoming Adobe Acrobat and Reader updates scheduled for Tuesday, July 14, 2015. We will continue to provide updates on the upcoming release via the Security Bulletins and Advisories page as well ..
---------------------------------------------
https://blogs.adobe.com/psirt/?p=1232


*** Wild Neutron – Economic espionage threat actor returns with new tricks ***
---------------------------------------------
A powerful threat actor known as “Wild Neutron” (also known as “Jripbot” and “Morpho”) has been active since at least 2011, infecting high profile companies for several years by using a combination of exploits, watering holes and multi-platform malware.
---------------------------------------------
https://securelist.com/blog/research/71275/wild-neutron-economic-espionage-threat-actor-returns-with-new-tricks/