[CERT-daily] Daily Summary - Thursday 10-09-2015

Daily end-of-shift report team at cert.at
Thu Sep 10 18:08:03 CEST 2015


=======================
= End-of-Shift report =
=======================

Timeframe:   Wednesday 09-09-2015 18:00 − Thursday 10-09-2015 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a



*** The Security Risks of Third-Party Data ***
---------------------------------------------
Most of us get to be thoroughly relieved that our e-mails weren't in the Ashley Madison database. But don't get too comfortable. Whatever secrets you have, even the ones you don't think of as secret, are more likely than you think to get dumped on the Internet. It's ..
---------------------------------------------
https://www.schneier.com/blog/archives/2015/09/the_security_ri_4.html




*** RESTful - Moderately Critical - Access bypass - SA-CONTRIB-2015-147 ***
---------------------------------------------
This module enables you to expose your Drupal backend by generating a RESTful API. The module doesn't sufficiently account for core's page cache generation for anonymous users, when using non-cookie authentication providers. Authenticated users, ..
---------------------------------------------
https://www.drupal.org/node/2565875




*** Twitter - Moderately Critical - Access bypass - SA-CONTRIB-2015-146 ***
---------------------------------------------
This module enables you to pull in public tweets from Twitter accounts, post messages to Twitter to announce content changes, and authenticate using Twitter. The module doesn't sufficiently check for access when using the Twitter Post ..
---------------------------------------------
https://www.drupal.org/node/2565827




*** A look through the spam filters - examining waves of Upatre malspam, (Thu, Sep 10th) ***
---------------------------------------------
Any email filtering worth its cost should block numerous messages every day. However, I'm always interested to see what exactly is being blocked. Perhaps the most common type of malicious spam (malspam) I see from the spam filters is Upatre-based malspam. I've written diaries before about specific waves of Upatre malspam sending the Dyre banking Trojan [1, 2]. I've only noticed emails with .zip ..
---------------------------------------------
https://isc.sans.edu/diary.html?storyid=20135




*** MSRT September 2015: Teerac ***
---------------------------------------------
As part of our ongoing effort to provide better malware protection, the September release of the Microsoft Malicious Software Removal Tool (MSRT) will include detection for the prevalent ransomware family Win32/Teerac. We first detected Teerac in early 2014. Since then, the family has joined Win32/Crowti ..
---------------------------------------------
http://blogs.technet.com/b/mmpc/archive/2015/09/08/msrt-september-2015-teerac.aspx




*** How Do You Solve A Problem Like Attribution? ***
---------------------------------------------
There was an advert for weed-killer a while back, the tagline was something along the lines of 'Kill the root, kill the weed'. That's true of many problems, better to get to the heart of the issue and deal with it there, rather than ..
---------------------------------------------
https://blog.team-cymru.org/2015/09/how-do-you-solve-a-problem-like-attribution/




*** Obfuscated URLs, where is that link taking you? ***
---------------------------------------------
We take a look at ways to obfuscate URLs the way scammers do by using shortening services and encoded search engine URLs.
---------------------------------------------
https://blog.malwarebytes.org/fraud-scam/2015/09/obfuscated-urls-where-is-that-link-taking-you/




*** One patch, two open vulnerabilities in Cisco gateways ***
---------------------------------------------
The software of Cisco's Web Security Appliance (WSA) and the company's Email Security Appliance (ESA) contains vulnerabilities that allow remote attackers to take the gateways down. A fix is available for only one of the three vulnerabilities.
---------------------------------------------
http://heise.de/-2809896




*** Free and Commercial Tools to Implement the SANS Top 20 Security Controls, Part 1 ***
---------------------------------------------
This is the first in a series about the tools available to implement the SANS Top 20 Security Controls. The SANS Top 20 Security Controls are not standards. If you want standards and procedures, check out the NIST 800 series Special Publications (SP). The controls are recommendations made by ..
---------------------------------------------
https://www.alienvault.com/blogs/security-essentials/free-and-commercial-tools-to-implement-the-sans-top-20-security-controls-part-1



*** The Latest on Stagefright: CVE-2015-1538 Exploit is Now Available for Testing Purposes ***
---------------------------------------------
More than a month has passed since Zimperium first broke the news of zLabs' VP of Platform Research and Exploitation Joshua J. Drake's discovery of multiple critical vulnerabilities in Android's media library - libstagefright. In that time frame, the number and importance of the events that have unfolded is nothing short of amazing. Back in April and May we reported two sets of vulnerabilities to Google, both ..
---------------------------------------------
https://blog.zimperium.com/the-latest-on-stagefright-cve-2015-1538-exploit-is-now-available-for-testing-purposes/




*** Ashley Madison: Hackers crack 11.2 million passwords ***
---------------------------------------------
The login data in the Ashley Madison dump had so far been considered secure because the provider is said to have used a secure hash function. But now hackers have found a weakness that lets them crack part of the passwords.
---------------------------------------------
http://www.golem.de/news/ashley-madison-hacker-knacken-11-2-millionen-passwoerter-1509-116248.html




