[CERT-daily] Tageszusammenfassung - Montag 11-05-2015

Daily end-of-shift report team at cert.at
Mon May 11 18:06:35 CEST 2015


=======================
= End-of-Shift report =
=======================

Timeframe:   Freitag 08-05-2015 18:00 − Montag 11-05-2015 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a



*** Cisco Wireless LAN Controller Wireless Web Authentication Denial of Service Vulnerability ***
---------------------------------------------
A vulnerability in the wireless web authentication subsystem of Cisco Wireless LAN Controller (WLC) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition.
---------------------------------------------
http://tools.cisco.com/security/center/viewAlert.x?alertId=38749




*** VMSA-2015-0003.8 ***
---------------------------------------------
http://www.vmware.com/security/advisories/VMSA-2015-0003.html




*** Cisco Unified Communications Manager root Shell Access Local Privilege Escalation Vulnerability ***
---------------------------------------------
A vulnerability in the local read file of the Cisco Unified Communications Manager could allow an authenticated, local attacker to execute commands and obtain an interactive Linux shell as the root user.
---------------------------------------------
http://tools.cisco.com/security/center/viewAlert.x?alertId=38763




*** Who's Scanning Your Network? (A: Everyone) ***
---------------------------------------------
Not long ago I heard from a reader who wanted advice on how to stop someone from scanning his home network, or at least recommendations about to whom he should report the person doing the scanning. I couldnt believe that people actually still cared about scanning, and I told him as much: These days there are ..
---------------------------------------------
http://krebsonsecurity.com/2015/05/whos-scanning-your-network-a-everyone/




*** NCSC publishes factsheet Help! My website has been defaced ***
---------------------------------------------
To deface a website the attacker changes the content of existing pages or adds new ones. Hundreds of websites are defaced every day, often without being specifically targeted. It is becoming increasingly common for defacements to ..
---------------------------------------------
https://www.ncsc.nl/english/current-topics/news/ncsc-publishes-factsheet-help-my-website-has-been-defaced.html




*** Jellyfish: Malware nistet sich in GPUs ein ***
---------------------------------------------
Nutzt eine Malware den Prozessor einer Grafikkarte, ist sie nicht nur schwerer aufzuspüren, sondern kann auch die höhere Rechenleistung der GPU nutzen. Jellyfish will zeigen, dass solcher Schadcode funktioniert. 
---------------------------------------------
http://www.golem.de/news/jellyfish-malware-nistet-sich-in-gpus-ein-1505-113988.html




*** Yubikey: Nie mehr schlechte Passwörter ***
---------------------------------------------
Unser Autor hat 152 Onlinekonten, die er möglichst gut absichern will. Mit dem Passwortmanager Keepass und einem sogenannten Token - dem Yubikey Neo. Eine Anleitung.
---------------------------------------------
http://www.golem.de/news/yubikey-nie-mehr-schlechte-passwoerter-1505-113872-rss.html




*** Tor-Bridges für Amazon EC2 eingestampft ***
---------------------------------------------
Ab sofort wird es schwerer, Nutzern alternative Zugänge zum Anonymisierungsnetz Tor zur Verfügung zu stellen. Das entsprechende Projekt für Cloud-Images wurde eingestellt. 
---------------------------------------------
http://heise.de/-2640793




*** 60 Days of Watching Hackers Attack Elasticsearch ***
---------------------------------------------
Two months ago, one of my DigitalOcean instances started attacking another host with massive amounts of bogus traffic. I was notified by the abuse team at DO that my VPS was participating in a DDoS attack. I managed to track down that the ..
---------------------------------------------
https://jordan-wright.github.io/blog/2015/05/11/60-days-of-watching-hackers-attack-elasticsearch/




*** Finger printing: Print the Finger of an Application ***
---------------------------------------------
When performing a Web Application Security Assessment, an important step is Fingerprinting which allows for further exploitation by an attacker. So as a security researcher/pentester, we should do well at fingerprinting the web server, which gives lot of information like application name, software version, ..
---------------------------------------------
http://resources.infosecinstitute.com/finger-printing-print-the-finger-of-an-application/




*** Angler exploit kit using tricks to avoid referrer chain leading back to malvertisement provider ***
---------------------------------------------
For some time I've been seeing the Angler exploit kit pop up and infect clients without through malvertising campaigns without having a referer when visitng the landing page. The reason why this is interesting is that it makes it a lot harder to track down the malicious creative IDs which can ..
---------------------------------------------
http://blog.0x3a.com/post/118366451134/angler-exploit-kit-using-tricks-to-avoid-referrer






More information about the Daily mailing list