[CERT-daily] Tageszusammenfassung - Dienstag 16-02-2016

Daily end-of-shift report team at cert.at
Tue Feb 16 18:07:26 CET 2016


=======================
= End-of-Shift report =
=======================

Timeframe:   Montag 15-02-2016 18:00 − Dienstag 16-02-2016 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a


*** More Multi-Architecture IoT Malware, (Mon, Feb 15th) ***
---------------------------------------------
Attackers have problems too: Attacks against Internet of Things (IoT) devices are simple (as in log in...), but the attacker never knows what kind of architecture they may hit. IoT devices often go beyond the standard x86 architecture we are used to on our servers and workstations. What I typically see ..
---------------------------------------------
https://isc.sans.edu/diary.html?storyid=20731




*** Password cracking attacks on Bitcoin wallets net $103,000 ***
---------------------------------------------
Hackers have siphoned about $103,000 out of Bitcoin accounts that were protected with an alternative security measure, according to research that tracked six years' worth of transactions. Account-holders used easy-to-remember passwords to protect their accounts instead of the long cryptographic keys normally required.
---------------------------------------------
http://arstechnica.com/security/2016/02/password-cracking-attacks-on-bitcoin-wallets-net-103000/




*** Cisco Emergency Responder Cross-Site Scripting Vulnerability ***
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160215-er




*** Cisco IOS Software for Cisco Industrial Ethernet 2000 Series Switches Denial of Service Vulnerability ***
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160215-ie2000




*** Exploiting (pretty) blind SQL injections, (Mon, Feb 15th) ***
---------------------------------------------
Although a lot has been written about SQL injection vulnerabilities, they can still be found relatively often. In most of the cases Ive seen in last couple of years, I had to deal with blind SQL injection vulnerabilities. Typically, ..
---------------------------------------------
https://isc.sans.edu/diary.html?storyid=20733




*** VoIP phones can be turned into spying or money-making tools ***
---------------------------------------------
A security vulnerability present in many enterprise-grade VoIP phones can easily be exploited by hackers to spy on employees and management, says security consultant Paul Moore. In a less dangerous attack alternative, these compromised devices can also be made to covertly place calls to premium ..
---------------------------------------------
https://www.helpnetsecurity.com/2016/02/16/voip-phones-can-turned-spying-money-making-tools/




*** Ransomware: Neben deutschen Krankenhäusern auch US-Klinik von Virus lahmgelegt ***
---------------------------------------------
Nicht nur in Deutschland kämpfen Krankenhäuser immer wieder gegen Verschlüsselungstrojaner. In Los Angeles ist eine Klinik seit mehr als einer Woche lahmgelegt. Die Programmierer fordern angeblich mehr als 3 Millionen US-Dollar Lösegeld.
---------------------------------------------
http://heise.de/-3103733




*** "Fake President": E-Mail-Betrüger erleichtern Konzerne um Millionenbeträge ***
---------------------------------------------
Vorstands-Accounts und machen ahnungslose Buchhalter zu ihren Komplizen
---------------------------------------------
http://derstandard.at/2000031179980




*** Geldautomaten: Skimming an der Netzwerkbuchse ***
---------------------------------------------
Skimming ist ein bekanntes Problem - Kriminelle verwenden nachgebaute Tastaturfelder und Magnetkartenleser, um Kundendaten an Geldautomaten zu kopieren. Jetzt warnt der Hersteller NCR vor neuen Gefahren.
---------------------------------------------
http://www.golem.de/news/geldautomaten-skimming-an-der-netzwerkbuchse-1602-119162.html




*** USN-2855-2: Samba regression ***
---------------------------------------------
Ubuntu Security Notice USN-2855-216th February, 2016samba regressionA security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTSSummaryUSN-2855-1 introduced a regression in ..
---------------------------------------------
http://www.ubuntu.com/usn/usn-2855-2/




*** Erpressungs-Trojaner Locky schlägt offenbar koordiniert zu ***
---------------------------------------------
Locky lauerte vermutlich bereits eine Weile auf den infizierten Systemen, ehe es am vergangenen Montag zeitgleich bei mehreren Opfern mit der Verschlüsselung persönlicher Dateien begonnen hat.
---------------------------------------------
http://heise.de/-3104069




*** Stuxnet angeblich Teil eines größeren Angriffs auf kritische Infrastruktur des Iran ***
---------------------------------------------
Dass die USA und Israel hinter Stuxnet steckten, um Irans Atomprogramm zu stören, gilt mittlerweile als gesichert. Ein neuer Dokumentarfilm behauptet nun, dass der Cyber-Wurm Teil eines viel größeren Programms war, das den ganzen Iran lahmlegen sollte.
---------------------------------------------
http://heise.de/-3104957




*** TYPO3 CMS 6.2.18 and 7.6.3 released ***
---------------------------------------------
Both versions are maintenance releases and contain bug and security fixes. In case the extension compatibility6 is used, please make sure to upgrade to version 7.6.2.
---------------------------------------------
https://typo3.org/news/article/typo3-cms-6218-and-763-released/




*** Glibc: Sicherheitslücke gefährdet fast alle Linux-Systeme ***
---------------------------------------------
Eine schwerwiegende Sicherheitslücke klafft in der Glibc-Bibliothek, die in fast allen Linux-Systemen genutzt wird: Eine DNS-Funktion erlaubt die Ausführung von bösartigem Code. Nutzer sollten schnellstmöglich Updates installieren.
---------------------------------------------
http://www.golem.de/news/glibc-sicherheitsluecke-gefaehrdet-fast-alle-linux-systeme-1602-119172.html




*** CVE-2015-7547 --- glibc getaddrinfo() stack-based buffer overflow ***
---------------------------------------------
The glibc project thanks the Google Security Team and Red Hat for reporting the security impact of this issue, and Robert Holiday of Ciena for reporting the related bug 18665.
---------------------------------------------
https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html



More information about the Daily mailing list