[CERT-daily] Tageszusammenfassung - Montag 15-02-2016

Mon Feb 15 18:09:55 CET 2016

=======================
= End-of-Shift report =
=======================

Timeframe:   Freitag 12-02-2016 18:00 − Montag 15-02-2016 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a


*** A Look Behind The Skype Malvertising Campaign ***
---------------------------------------------
As reported by F-Secure, a recent malvertising campaign has been hitting several top publishers to push the Angler exploit kit and install the TeslaCrypt ransomware, according to the Finnish company. Some of these infections happened via Skype, which displays ad banners within its product.
---------------------------------------------
https://blog.malwarebytes.org/malvertising-2/2016/02/a-look-behind-the-skype-malvertising-campaign/


*** Fake SUPEE-5344 Patch Steals Payment Details ***
---------------------------------------------
In case you don't know, SUPEE-5344 is an official security patch to the infamous Magento shoplift bug. That bug allows bad actors to obtain admin access to vulnerable Magento sites. While the patch was released February 2015 many sites unfortunately did ..
---------------------------------------------
https://blog.sucuri.net/2016/02/fake-supee-5344-patch-steals-payment-details.html


*** VMware VMSA-2015-0007.3 has been Re-released, (Sat, Feb 13th) ***
---------------------------------------------
VMware has re-issue VMSA-2015-0007.3 today after they found an earlier fix for CVE-2016-2342 was incomplete. Affected ESXi versions are: 5.0, 5.1 and 5.5. Advisory can be ..
---------------------------------------------
https://isc.sans.edu/diary.html?storyid=20727


*** Critical Fixes Issued for Windows, Java, Flash ***
---------------------------------------------
Microsoft Windows users and those with Adobe Flash Player or Java installed, its time to update again! Microsoft released 13 updates to address some three dozen unique security vulnerabilities. Adobe issued security updates for its Flash Player software that plugs at least 22 security holes in the widely-used browser plugin. Meanwhile, Oracle issued an unscheduled security fix for Java, its second security update for Java in as many weeks.
---------------------------------------------
http://krebsonsecurity.com/2016/02/criticial-fixes-issued-for-windows-java-flash/


*** Verschlüsselungs-Trojaner: mp3-Variante von TeslaCrypt ***
---------------------------------------------
Leser gaben der Redaktion Hinweise auf verschlüsselte Dateien mit der Endung .mp3. Die scheint eine neue Variante des Verschlüsselungs-Trojaners TeslaCrypt zu erzeugen.
---------------------------------------------
http://heise.de/-3101992


*** DSA-3477 iceweasel - security update ***
---------------------------------------------
Holger Fuhrmannek discovered that missing input sanitising in theGraphite font rendering engine could result in the execution of arbitrarycode.
---------------------------------------------
https://www.debian.org/security/2016/dsa-3477


*** Nigerianischer Astronaut im All verloren: Spam begeistert Netz ***
---------------------------------------------
Nutzer können angeblich ein Investment von drei Millionen Dollar verdoppeln
---------------------------------------------
http://derstandard.at/2000031110981


*** IT-Sicherheit: Immer mehr komplexe Angriffe auf Firmen ***
---------------------------------------------
Neuer Cybersicherheits-Bericht zeigt erhöhte Gefahrenlage im Internet
---------------------------------------------
http://derstandard.at/2000031119634


*** Mazar Bot Actively Targeting Android Devices ***
---------------------------------------------
Researchers at Heimdal Security report public attacks against Android devices using the Mazar bot, which was advertised months ago in a Russian cybercrime forum.
---------------------------------------------
http://threatpost.com/mazar-bot-actively-targeting-android-devices/116240/


*** Update auf Version 1.17: Veracrypt soll jetzt doppelt so schnell sein ***
---------------------------------------------
Veracrypt ist einer der beliebtesten Nachfolger des eingestellten Truecrypt - ein Update bringt jetzt neue Funktionen. Ausserdem soll das Laden von Containern deutlich schneller vonstattengehen - bislang einer der grössten Kritikpunkte ..
---------------------------------------------
http://www.golem.de/news/update-auf-version-1-17-veracrypt-soll-jetzt-doppelt-so-schnell-sein-1602-119143.html


*** Virus legte Krankenhaus in Deutschland lahm ***
---------------------------------------------
"Befunde mussten persönlich, per Telefon oder Fax übermittelt werden"
---------------------------------------------
http://derstandard.at/2000031136914


*** [R1] Nessus < 6.5.5 Multiple Vulnerabilities ***
---------------------------------------------
http://www.tenable.com/security/tns-2016-02


*** Reflecting on Recent iOS and Android Security Updates ***
---------------------------------------------
The last thirty days proven to be yet another exciting time for the mobile security ecosystem. Apple and Google released updates for their respective mobile operating systems that fix several critical issues - including some in the kernel that may be exploited remotely.
---------------------------------------------
https://blog.zimperium.com/reflecting-on-recent-ios-and-android-security-updates/