[CERT-daily] Tageszusammenfassung - Dienstag 8-09-2015

Daily end-of-shift report team at cert.at
Tue Sep 8 18:06:58 CEST 2015


=======================
= End-of-Shift report =
=======================

Timeframe:   Montag 07-09-2015 18:00 − Dienstag 08-09-2015 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a



*** The state of Ransomware in 2015 ***
---------------------------------------------
Ransomware has been a threat for quite some years, although the ransomware as its currently known, encrypting files, has only been around a few years. This change started with the initial 2013 CryptoLocker infections authored by the ..
---------------------------------------------
http://blog.fox-it.com/2015/09/07/the-state-of-ransomware-in-2015/




*** Adult Player: Porno-App erpresst Android-Nutzer mit Selfies ***
---------------------------------------------
Die Porno-App Adult Player schießt ein Selbstporträt des Nutzers, sperrt das Smartphone und fordert zur Zahlung von 500 US-Dollar auf. Nutzer können sich mit einfachen Mitteln schützen.
---------------------------------------------
http://www.golem.de/news/adult-player-porno-app-erpresst-android-nutzer-mit-selfies-1509-116180.html




*** Sofacy Recycles Carberp and Metasploit Code ***
---------------------------------------------
The Sofacy Group (also known as Pawn Storm or APT28) is well known for deploying zero-day exploits in their APT campaigns. For example, two recent zero-days used by the Sofacy Group were exploiting vulnerabilities in Microsoft ..
---------------------------------------------
https://labsblog.f-secure.com/2015/09/08/sofacy-recycles-carberp-and-metasploit-code/




*** Unauthenticated Path Disclosure ***
---------------------------------------------
It has been discovered, that calling a PHP script which is delivered with TYPO3 for testing purposes, discloses the absolute server path to the TYPO3 installation. 
---------------------------------------------
http://www.typo3.org/news/article/unauthenticated-path-disclosure/




*** Jeep-Hack: Fiat Chrysler ruft weitere Modelle zurück ***
---------------------------------------------
Aufgrund einer Sicherheitslücke im Infotainmentsystem ruft Fiat Chrysler in den USA 7810 SUV-Modelle zurück. Davon sollen sich rund die Hälfte noch bei Händlern befinden, die das Update vor dem Verkauf einspielen können. Nach Bekanntwerden ..
---------------------------------------------
http://heise.de/-2807879




*** Ashley Madison, Why Do Our Honeypots Have Accounts On Your Website? ***
---------------------------------------------
She is 33 years old, from Los Angeles, 6 feet tall, sexy, aggressive, and a 'woman who knows what she wants', according to her profile. She is intriguing. However, her intrigue doesn't end ..
---------------------------------------------
http://blog.trendmicro.com/trendlabs-security-intelligence/ashley-madison-why-do-our-honeypots-have-accounts-on-your-website/




*** Cyber Security - Getting the Message ***
---------------------------------------------
There is a concept in the health and safety industry known as 'sign blindness'. This occurs when safety notices become so numerous, or so familiar, that the human brain simply filters ..
---------------------------------------------
https://blog.team-cymru.org/2015/09/cyber-security-getting-the-message/




*** FireEye untersucht Root-Lücken in Sicherheits-Appliances ***
---------------------------------------------
Sicherheitsforscher hatten schwerwiegende Lücken in den Appliances der Firma entdeckt. Ihre Hinweise blieben nach eigenen Angaben 18 Monate lang unbeantwortet. FireEye sagt, man wisse erst seit Montag von den Lücken.
---------------------------------------------
http://heise.de/-2807930




*** iOS 8.4.1 Kernel Vulnerabilities in AppleHDQGasGaugeControl ***
---------------------------------------------
When auditing iOS kernel executable, we found that the code quality of com.apple.driver.AppleHDQGasGaugeControl is very bad. In this blog, we will disclose 3 vulnerabilities in this kernel extension on the latest public iOS (version 8.4.1). More ..
---------------------------------------------
http://blog.pangu.io/ios-8-4-1-kernel-vulns/




*** WhatsApp 'MaliciousCard' Vulnerabilities Allowed Attackers to Compromise Hundreds of Millions of WhatsApp Users ***
---------------------------------------------
WhatsApp Web is a web-based extension of the WhatsApp application on your phone. The web application mirrors all messages sent and received, and fully synchronize your phone and your desktop computer so that users can see all messages on both devices.
---------------------------------------------
http://blog.checkpoint.com/2015/09/08/whatsapp-maliciouscard-vulnerabilities-allowed-attackers-to-compromise-hundreds-of-millions-of-whatsapp-users/




*** Security Update Available for Adobe Shockwave Player (APSB15-22) ***
---------------------------------------------
A security bulletin (APSB15-22) has been published regarding a security update for Adobe Shockwave Player. This update addresses critical vulnerabilities that could potentially allow an attacker to take control of the affected system. Adobe ..
---------------------------------------------
https://blogs.adobe.com/psirt/?p=1268






More information about the Daily mailing list