[CERT-daily] Tageszusammenfassung - Donnerstag 19-05-2016
Daily end-of-shift report
team at cert.at
Thu May 19 18:06:14 CEST 2016
=======================
= End-of-Shift report =
=======================
Timeframe: Mittwoch 18-05-2016 18:00 − Donnerstag 19-05-2016 18:00
Handler: Alexander Riepl
Co-Handler: n/a
*** Website Hacked Trend Report - 2016/Q1 ***
---------------------------------------------
Our Remediation group is comprised of two distinct teams, the Incident Response Team (IRT) and Malware Research Team (MRT). These teams work closely with our customers in an effort to identify and remove website infections to include ..
---------------------------------------------
https://blog.sucuri.net/2016/05/sucuri-hacked-report-2016q1.html
*** Registration Codes - Less Critical - Input Validation Vulnerability - SA-CONTRIB-028 ***
---------------------------------------------
https://www.drupal.org/node/2728711
*** Dropbox client - Multiple Vulnerabilities - SA-CONTRIB-2016-027 ***
---------------------------------------------
https://www.drupal.org/node/2728693
*** Web Mailing List vulnerable to cross-site scripting ***
---------------------------------------------
http://jvn.jp/en/jp/JVN43076390/
*** The 5Ws and 1H of Ransomware ***
---------------------------------------------
For the past three months, we have seen ransomware hop its way across globe. Majority of the ransomware incidents are found in the United States, then Italy, and Canada. The prevalence of large-scale ransomware incidents led the United States and Canadian governments to issue a joint statement about ..
---------------------------------------------
https://blogs.technet.microsoft.com/mmpc/2016/05/18/the-5ws-and-1h-of-ransomware/
*** Hackerangriff auf Linkedin: 100 Millionen Nutzer betroffen ***
---------------------------------------------
Attacke fand bereits 2012 statt - Ausmass wurde jedoch erst jetzt in vollem Umfang bekannt
---------------------------------------------
http://derstandard.at/2000037231582
*** Erpressungstrojaner: Teslacrypt-Entwickler geben auf ***
---------------------------------------------
Master-Key veröffentlicht, Entschlüsselungssoftware verfügbar.
---------------------------------------------
http://derstandard.at/2000037236758
*** Ransomware Awareness Tag ***
---------------------------------------------
Unsere Kollegen von der Schweizer Melde- und Analysestelle Informationssicherung MELANI veranstalten heute, am 19. Mai 2016, einen Aktionstag zum Thema Ransomware. Das Ziel ist es, die Informationen zu der Bedrohung ..
---------------------------------------------
http://www.cert.at/services/blog/20160519095712-1737.html
*** Kernel Waiter Exploit from the Hacking Team Leak Still Being Used ***
---------------------------------------------
Although the Hacking Team leak took place several months ago, the impact of this data breach - where exploit codes were made public and spurred a chain of attacks - can still be felt until today. We recently spotted malicious Android apps that appear to use an exploit found in the Hacking Team data ..
---------------------------------------------
http://blog.trendmicro.com/trendlabs-security-intelligence/kernel-waiter-exploit-from-the-hacking-team-leak-still-being-used/
*** FBI muss Mozilla keine Informationen über Sicherheitslücke übergeben ***
---------------------------------------------
Der Richter in einem Verfahren gegen einen Nutzer einer Kinderpornographie-Plattform hat es abgelehnt, dass Mozilla sich einmischt, um an Informationen über eine Sicherheitslücke im Tor-Browser zu kommen.
---------------------------------------------
http://heise.de/-3211120
More information about the Daily
mailing list