[CERT-daily] Tageszusammenfassung - Mittwoch 13-05-2015

Wed May 13 18:09:02 CEST 2015

=======================
= End-of-Shift report =
=======================

Timeframe:   Dienstag 12-05-2015 18:00 − Mittwoch 13-05-2015 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a

*** Adobe Security Bulletins Posted ***
---------------------------------------------
The following Security Bulletins have been posted today: APSB15-09: Security updates available for Adobe Flash Player APSB15-10: Security updates available for Adobe Reader and Acrobat Customers of the affected products should consult the relevant ..
---------------------------------------------
https://blogs.adobe.com/psirt/?p=1197

*** How Social Media Blacklisting Happens ***
---------------------------------------------
In today's world, we are all browsing websites online and sharing content on a multitude of social media platforms every day. Worldwide social media users exceeded 2 billion back in ..
---------------------------------------------
https://blog.sucuri.net/2015/05/how-social-media-blacklisting-happens.html

*** Cisco Headend Digital Broadband Delivery System Cross-Site Scripting Vulnerability ***
---------------------------------------------
A vulnerability in the web-based administration interface of the Cisco Headend Digital Broadband Delivery System could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on the affected device.
---------------------------------------------
http://tools.cisco.com/security/center/viewAlert.x?alertId=38767

*** Another look at Niteris : post exploitation WMI and Fiddler checks ***
---------------------------------------------
http://malware.dontneedcoffee.com/2015/05/another-look-at-niteris-post.html

*** Adobe, Microsoft Push Critical Security Fixes ***
---------------------------------------------
Microsoft today issued 13 patch bundles to fix roughly four dozen security vulnerabilities in Windows and associated software. Separately, Adobe pushed updates to fix a slew of critical flaws in its Flash Player and Adobe Air software, ..
---------------------------------------------
http://krebsonsecurity.com/2015/05/adobe-microsoft-push-critical-security-fixes-7/

*** [2015-05-13] Multiple critical vulnerabilities in WSO2 Identity Server ***
---------------------------------------------
An unauthenticated attacker is able to read arbitrary local files from the WSO2 Identity Server by using the SAMLv2 authentication interface. Moreover, targeted attacks against users or administrators of the Identity Server may be conducted using CSRF and XSS vulnerabilities.
---------------------------------------------
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150513-0_WSO2_Identity_Server_Multiple_Vulnerabilities_v10.txt

*** Security: Wie Google Android sicher macht ***
---------------------------------------------
HTTPS soll ausgemustert, Android sicherer werden, und es soll ein PGP-Plugin für Gmail geben: Google verstärkt seinen Einsatz im Bereich IT-Sicherheit enorm. Wir haben mit Googles IT-Sicherheitsexperten Stephan Somogyi darüber gesprochen. (Google, Gmail)
---------------------------------------------
http://www.golem.de/news/security-wie-google-android-sicher-macht-1505-114029.html

*** Microsoft Security Bulletin Summary for May 2015 ***
---------------------------------------------
This bulletin summary lists security bulletins released for May 2015. For information about how to receive automatic notifications whenever Microsoft security bulletins are issued, visit Microsoft Technical Security Notifications. Microsoft also ..
---------------------------------------------
https://technet.microsoft.com/library/security/ms15-may

*** VENOM, don't get bitten. ***
---------------------------------------------
QEMU is a generic and open source machine emulator and virtualizer and is incorporated in some Red Hat products as a foundation and hardware emulation layer for running virtual machines under the Xen and KVM hypervisors. CVE-2015-3456 (aka VENOM) ..
---------------------------------------------
https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/

*** Anatomy of an APT Attack: Step by Step Approach ***
---------------------------------------------
This article will explore the technique, design and the inner workings of an APT (Advanced Persistent Threat) attack. It will also relate various stages of attack with a few attacks that were custom-created to penetrate enterprises for extraction of internal data, trade secrets, and sensitive business ..
---------------------------------------------
http://resources.infosecinstitute.com/anatomy-of-an-apt-attack-step-by-step-approach/

*** Spam and Phishing in the First Quarter of 2015 ***
---------------------------------------------
The share of spam in email traffic in the first quarter of 2015 was 59.2%; the percentage of spam gradually declined during the quarter. Spam traffic included a large number of mass mailings with Microsoft Word or Excel attachments containing macro viruses.
---------------------------------------------
http://securelist.com/analysis/quarterly-spam-reports/69932/spam-and-phishing-in-the-first-quarter-of-2015/

*** OSIsoft PI AF Incorrect Default Permissions Vulnerability ***
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-15-132-01

*** Edge: Wie Microsoft seinen neuen Browser absichern will ***
---------------------------------------------
Detailliert beschreibt Microsoft neue und bekannte Techniken, mit denen die Sicherheit des Edge-Browsers "fundamental" verbessert werden soll. Dabei hilft auch der Verzicht auf alte Technik des Internet Explorers.
---------------------------------------------
http://www.golem.de/news/edge-wie-microsoft-seinen-neuen-browser-absichern-will-1505-114043.html

Aufgrund des morgigen (14.05.2015) Feiertages erscheint der nächste End-of-Shift-Report erst am Freitag, den 15.05.2015.