[CERT-daily] Tageszusammenfassung - Dienstag 15-03-2016

Daily end-of-shift report team at cert.at
Tue Mar 15 18:05:38 CET 2016


=======================
= End-of-Shift report =
=======================

Timeframe:   Montag 14-03-2016 18:00 − Dienstag 15-03-2016 18:00
Handler:     Robert Waldner
Co-Handler:  Alexander Riepl



*** Typosquatters Target Mac Users With New '.om' Domain Scam ***
---------------------------------------------
http://threatpost.com/typosquatters-target-apple-mac-users-with-new-om-domain-scam/116768/




*** Juniper: Cross-protocol attack on TLS using SSLv2 (DROWN) (CVE-2016-0800) ***
---------------------------------------------
On March 1, 2016, a cross-protocol attack was announced by OpenSSL that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a Bleichenbacher RSA padding oracle. Note that traffic between clients and non-vulnerable servers can be decrypted provided another server supporting SSLv2 and EXPORT ciphers (even with a different protocol such as SMTP, IMAP or POP) shares the RSA keys of the non-vulnerable server. This vulnerability is known as DROWN (CVE-2016-0800).
---------------------------------------------
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10722




*** Citrix XenApp and XenDesktop Hardening Guidance ***
---------------------------------------------
https://www.fireeye.com/blog/threat-research/2016/03/citrix_xenapp_andxe.html




*** Complete Tour of PE and ELF: Part 2 ***
---------------------------------------------
We covered some important sections in Part 1 of this series. In this part, we will cover some more complex data structures covering some important concepts of binaries. Here is what we are looking at: If you can recall in Optional header, ..
---------------------------------------------
http://resources.infosecinstitute.com/complete-tour-of-pe-and-elf-part-2/




*** Adrian Dabrowski @ Troopers TelcoSecDay 2016 ***
---------------------------------------------
Today Adrian Dabrowski gives his talk 'Towards Carrier Based IMSI Catcher Detection' at the TelcoSecDay 2016. Abstract: In this presentation we discuss multiple detection capabilities of IMSI Catchers (aka Stingray) from the network ..
---------------------------------------------
https://www.sba-research.org/2016/03/15/adrian-dabrowski-troopers-telcosecday-2016/




*** How broken is SHA-1 really? ***
---------------------------------------------
SHA-1 collisions may be found in the next few months, but that doesnt mean that fake SHA-1-based certificates will be created in the near future. Nevertheless, it is time for everyone, and those working in security in particular, to move away from outdated hash functions.  Read more
---------------------------------------------
https://www.virusbulletin.com/blog/2016/march-2016/how-broken-sha-1-really/




*** BSI-Leitfaden zum Umgang mit Erpressungs-Trojanern ***
---------------------------------------------
Das BSI informiert in einem knappen Leitfaden Behörden und Unternehmen über die Bedrohung durch Krypto-Trojaner und wie man sich im Ernstfall verhalten sollte.
---------------------------------------------
http://heise.de/-3135866




*** From Stolen Wallet to ID Theft, Wrongful Arrest ***
---------------------------------------------
Its remarkable how quickly a stolen purse or wallet can morph into full-blow identity theft, and possibly even result in the victims wrongful arrest. All of the above was visited recently on a fellow infosec professional whose admitted lapse in physical security lead to a mistaken early morning arrest in front of his kids.
---------------------------------------------
http://krebsonsecurity.com/2016/03/from-stolen-wallet-to-id-theft-wrongful-arrest/






More information about the Daily mailing list