[CERT-daily] Daily summary - Wednesday 18-01-2017

Daily end-of-shift report team at cert.at
Wed Jan 18 18:05:32 CET 2017


=======================
= End-of-Shift report =
=======================

Timeframe:   Tuesday 17-01-2017 18:00 − Wednesday 18-01-2017 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a


*** Critical Patch Update - January 2017 ***
---------------------------------------------
http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html




*** vBulletin Malware – When Hackers Compete for Backdoor Control ***
---------------------------------------------
A common pattern we see in compromised websites is the presence of backdoors and other malicious code. During Q3 of 2016, we found that 72% of all compromises that we encountered had ..
---------------------------------------------
https://blog.sucuri.net/2017/01/vbulletin-malware-hackers-compete-backdoor-control.html




*** JSA10774 - 2017-01 Security Bulletin: Network and Security Manager (NSM): Multiple OpenSSH and other third party software vulnerabilities affect NSM Appliance OS. ***
---------------------------------------------
http://kb.juniper.net/index?page=content&id=JSA10774&actp=RSS




*** Kill it with fire: US-CERT warns admins to dump Server Message Block ***
---------------------------------------------
Shadow Brokers may have loosed a zero-day, so you're better safe than sorry. The US computer emergency readiness team ..
---------------------------------------------
www.theregister.co.uk/2017/01/18/uscert_warns_admins_to_kill_smb_after_shadow_brokers_dump/




*** Do web injections exist for Android? ***
---------------------------------------------
Man-in-the-Browser (MITB) attacks can be implemented using various means, including malicious DLLs, rogue ..
---------------------------------------------
http://securelist.com/blog/research/77118/do-web-injections-exist-for-android/




*** In Review: 2016’s Mobile Threat Landscape Brings Diversity, Scale, and Scope ***
---------------------------------------------
65 million: the number of times we’ve blocked mobile threats in 2016. By December 2016, the total number of unique samples of malicious Android apps we’ve collected and ..
---------------------------------------------
http://blog.trendmicro.com/trendlabs-security-intelligence/2016-mobile-threat-landscape/




*** Last call to replace SHA-1 certificates ***
---------------------------------------------
http://blog.sec-consult.com/2017/01/last-call-to-replace-sha-1-certificates.html




*** The Carbanak gang is with a new modus operandi, Google services as C&C ***
---------------------------------------------
The infamous Carbanak cybercrime gang is back and is leveraging Google services for command-and-control of its malicious codes. The dreaded Carbanak cybercrime gang is back ..
---------------------------------------------
http://securityaffairs.co/wordpress/55427/cyber-crime/carbanak-google-services.html




*** Spora Ransomware Offers Victims Unique Payment Options ***
---------------------------------------------
Researchers are keeping close tabs on a new ransomware strain called Spora that offers victims unique payment options.
---------------------------------------------
http://threatpost.com/spora-ransomware-offers-victims-unique-payment-options/123130/




*** Critical vulnerabilities in Java & Co: Oracle drops giant patch package ***
---------------------------------------------
The latest Critical Patch Update from Oracle includes, among other things, security updates for Java, MySQL and VirtualBox. As always, there are patches for almost all of the vendor's products.
---------------------------------------------
https://heise.de/-3601613




*** Ancient Mac backdoor discovered that targets medical research firms ***
---------------------------------------------
More secure than PC? Ha! Security researchers at Malwarebytes have discovered a Mac backdoor using antiquated code that targets biomedical research facilities.…
---------------------------------------------
www.theregister.co.uk/2017/01/18/mac_malware/




*** Uncovering the Inner Workings of EyePyramid ***
---------------------------------------------
Two Italians referred to as the “Occhionero brothers” have been arrested and accused of using malware and a carefully-prepared spear-phishing scheme to spy on high-profile ..
---------------------------------------------
http://blog.trendmicro.com/trendlabs-security-intelligence/uncovering-inner-workings-eyepyramid

