[CERT-daily] Daily summary - Tuesday 28-06-2016

Daily end-of-shift report team at cert.at
Tue Jun 28 18:03:20 CEST 2016


=======================
= End-of-Shift report =
=======================

Timeframe:   Monday 27-06-2016 18:00 − Tuesday 28-06-2016 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a


*** Reverse Engineering Malware ***
---------------------------------------------
The AlienVault Labs team does a lot of malware analysis as a part of their security research. I interviewed a couple members of our Labs team, including Patrick Snyder, Eddie Lee, Peter Ewane and Krishna Kona, to learn more about how they do it. Here are some of the approaches and tools and ..
---------------------------------------------
https://www.alienvault.com/blogs/labs-research/reverse-engineering-malware




*** A year of Windows kernel font fuzzing #1: the results ***
---------------------------------------------
Post by Mateusz Jurczyk of Google Project Zero. This post series is about how we used at-scale fuzzing to discover and report a total of 16 vulnerabilities in the handling of TrueType and OpenType fonts in the Windows kernel during the ..
---------------------------------------------
http://googleprojectzero.blogspot.com/2016/06/a-year-of-windows-kernel-font-fuzzing-1_27.html




*** Scientology Seeks Captive Converts Via Google Maps, Drug Rehab Centers ***
---------------------------------------------
Fake online reviews generated by unscrupulous marketers blanket the Internet these days. Although online review pollution isn't exactly a hot-button consumer issue, there are plenty of cases in which phony reviews may endanger one's life or ..
---------------------------------------------
http://krebsonsecurity.com/2016/06/scientology-seeks-captive-converts-via-google-maps-drug-rehab-centers/




*** Large CCTV Botnet Leveraged in DDoS Attacks ***
---------------------------------------------
Our security operations team investigate and mitigate multiple denial of service (DDoS) attacks every single day. One recent case caught our attention because of the ..
---------------------------------------------
https://blog.sucuri.net/2016/06/large-cctv-botnet-leveraged-ddos-attacks.html




*** DDoS Extortion - Almost Universally an Empty Threat ***
---------------------------------------------
Last year there was an emergence of threats of DDoS against financial websites (that eventually broadened to others) under the DD4BC moniker. Eventually that morphed into Armada Collective with both stopping around ..
---------------------------------------------
https://isc.sans.edu/diary.html?storyid=21199




*** Nuclear goes boom ***
---------------------------------------------
Silver medallist exploit kit dies alongside Angler as new top dog doubles rental price. Shake ups at the top of the exploit kit world continue, with news the world's two top pop boxes have disappeared.
---------------------------------------------
www.theregister.co.uk/2016/06/28/nuclear_goes_boom/




*** The Latest Android Overlay Malware Spreading via SMS Phishing in Europe ***
---------------------------------------------
https://www.fireeye.com/blog/threat-research/2016/06/latest-android-overlay-malware-spreading-in-europe.html




*** Locky offspring: ransomware Bart encrypts differently and demands a high ransom ***
---------------------------------------------
Security researchers observed a new method of taking data hostage in the Bart ransomware.
---------------------------------------------
http://heise.de/-3250058




*** Cybersecurity: "A great deal of knowledge is not put into practice" ***
---------------------------------------------
The start-up competition Security Rockstars is looking for innovative security solutions. Submissions are still possible until 15 July.
---------------------------------------------
http://futurezone.at/thema/start-ups/cybersicherheit-sehr-viel-wissen-wird-nicht-umgesetzt/206.877.014




*** Encryption trojan swallows up Zimbra mail ***
---------------------------------------------
The ZimbraCryptor malware infects the Zimbra Collaboration Suite and encrypts all data in the e-mail folder. To do so, however, an attacker first has to hack into a Zimbra server.
---------------------------------------------
http://heise.de/-3250331




*** Press conference with Minister of Interior Wolfgang Sobotka, KSÖ and SBA: Security Rockstars ***
---------------------------------------------
He hopes for "fresh and unconventional approaches to cybersecurity topics", said Interior Minister Wolfgang Sobotka (ÖVP) on Wednesday at a press briefing ..
---------------------------------------------
https://www.sba-research.org/2016/06/28/pressegesprach/

