[CERT-daily] Tageszusammenfassung - Dienstag 26-01-2016

Daily end-of-shift report team at cert.at
Tue Jan 26 18:10:06 CET 2016


=======================
= End-of-Shift report =
=======================

Timeframe:   Montag 25-01-2016 18:00 − Dienstag 26-01-2016 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a



*** Cisco Unified Contact Center Express Cross-Site Scripting Vulnerability ***
---------------------------------------------
A vulnerability in the HTTP web-based management interface of the Cisco Unified Contact Center Express could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of the affected system. This vulnerability applies to all Permanent Web Links ..
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160125-ucce




*** Cisco Application Policy Infrastructure Controller Enterprise Module SNMP Hostname Cross-Site Scripting Vulnerability ***
---------------------------------------------
A vulnerability in the Simple Network Management Protocol (SNMP) query process of the Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) could allow an unauthenticated, remote attacker to perform a cross-site scripting (XSS) attack.
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160125-api




*** DSA-3453 mariadb-10.0 - security update ***
---------------------------------------------
https://www.debian.org/security/2016/dsa-3453




*** Symantec partner caught running tech support scam ***
---------------------------------------------
Tech support scammers are known for their cheek -- making unfounded claims that PCs are infected to scare consumers into parting with their money -- but a Symantec partner took nerve to a new level, a security company claimed last week.According to San Jose, Calif.-based Malwarebytes, Silurian ..
---------------------------------------------
http://www.cio.com/article/3026356/security/symantec-partner-caught-running-tech-support-scam.html




*** Pentest Time Machine: NMAP + Powershell + whatever tool is next ***
---------------------------------------------
Early on in many penetration test or security assessment, you will often find yourself wading through what seems like hundreds or thousands of text files, each seemingly hundreds or thousands of pages long (likely because they are). One ..
---------------------------------------------
https://isc.sans.edu/diary.html?storyid=20653&




*** Appointment Booking Calendar <= 1.1.23 - Unauthenticated SQL Injection ***
---------------------------------------------
https://wpvulndb.com/vulnerabilities/8366




*** PDF-Reader Foxit Reader für Schadcode anfällig ***
---------------------------------------------
Neue Versionen sichern Foxit PhantomPDF und Foxit Reader ab. Beide Anwendungen lassen sich aus der Ferne attackieren und Angreifer können eigenen Code auf Computer schleusen.
---------------------------------------------
http://heise.de/-3084161




*** Carsharing-Anbieter: Phishing-Angriff auf Car2go-Nutzer ***
---------------------------------------------
Wer von einem Onlinedienst zur 'Verifizierung' von Daten aufgerufen wird, sollte immer vorsichtig sein. Aktuell läuft eine Phishing-Kampagne gegen Nutzer des Carsharing-Angebots von Daimler. 
---------------------------------------------
http://www.golem.de/news/carsharing-anbieter-phishing-angriff-auf-car2go-nutzer-1601-118742.html




*** Sicherheitsupdate für OpenSSL steht an ***
---------------------------------------------
Neue OpenSSL-Versionen sollen zwei Sicherheitslücken schließen. Den Schweregrad einer Schwachstelle stuft das OpenSSL-Team mit hoch ein. 
---------------------------------------------
http://heise.de/-3084227




*** WP Easy Gallery <= 4.1.4 - Reflected Cross-Site Scripting (XSS) ***
---------------------------------------------
https://wpvulndb.com/vulnerabilities/8367




*** Curve25519/Curve447: Neue elliptische Kurven von der IETF ***
---------------------------------------------
Die Krypto-Arbeitsgruppe der IETF hat RFC 7748 veröffentlicht. Darin spezifiziert sind die zwei elliptischen Kurven Curve25519 und Curve447. Die Einigung ist das Ergebnis einer langen Diskussion.
---------------------------------------------
http://www.golem.de/news/curve25519-curve447-neue-elliptische-kurven-von-der-ietf-1601-118754.html




*** Battling Business Email Compromise Fraud: How Do You Start? ***
---------------------------------------------
In May 2014, an accountant to a Texas manufacturing firm received an email from a familiar correspondent, his company's CEO. The email instructed him to wait for a call from a partner company and warned against sharing the email to anyone ..
---------------------------------------------
http://blog.trendmicro.com/trendlabs-security-intelligence/battling-business-email-compromise-fraud-how-do-you-start/




*** Oracle Pushes Java Fix: Patch It or Pitch It ***
---------------------------------------------
Oracle has shipped an update for its Java software that fixes at least eight critical security holes. If you have an affirmative use for Java, please update to the latest version; if youre not sure why you have Java installed, its high time to remove the program once and for all.
---------------------------------------------
http://krebsonsecurity.com/2016/01/oracle-pushes-java-fix-patch-it-or-pitch-it/




*** Symantec detects 3,500 servers infected with a malicious script ***
---------------------------------------------
Symantec reported the worldwide infection of 3,500 public servers with a malicious script that redirects its victims to other compromised websites and said it believes could be part of a recon effort for future attacks.
---------------------------------------------
http://www.scmagazine.com/symantec-detects-3500-servers-infected-with-a-malicious-script/article/467340/




*** Nach dem Hack: Vtech geht wieder ein bisschen online ***
---------------------------------------------
Der Spielzeughersteller Vtech wurde Ende vergangenen Jahres wegen großer Sicherheitsmängel kritisiert und nahm daraufhin viele seiner Dienste vom Netz. Jetzt gehen einige Produkte wieder online - bei der Security will das Unternehmen dazugelernt haben. 
---------------------------------------------
http://www.golem.de/news/nach-dem-hack-vtech-geht-wieder-ein-bisschen-online-1601-118762.html






More information about the Daily mailing list