[CERT-daily] Daily Summary - Thursday 19-01-2017

Daily end-of-shift report team at cert.at
Thu Jan 19 18:15:27 CET 2017


=======================
= End-of-Shift report =
=======================

Timeframe:   Wednesday 18-01-2017 18:00 − Thursday 19-01-2017 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a


*** Who is Anna-Senpai, the Mirai Worm Author? ***
---------------------------------------------
On September 22, 2016, this site was forced offline for nearly four days after it was hit with “Mirai,” a malware strain that enslaves poorly secured Internet of Things (IoT) devices like wireless routers and security cameras into a botnet for use in large cyberattacks. Roughly a week after that ..
---------------------------------------------
https://krebsonsecurity.com/2017/01/who-is-anna-senpai-the-mirai-worm-author/




*** Docker Patches Container Escape Vulnerability ***
---------------------------------------------
Docker has patched a privilege escalation vulnerability that could lead to container escapes, allowing a hacker to affect operations of a host from inside a container.
---------------------------------------------
http://threatpost.com/docker-patches-container-escape-vulnerability/123161/




*** Database Ransom Attacks Hit CouchDB and Hadoop Servers ***
---------------------------------------------
For the past week, unknown groups of cyber-criminals have taken control of and wiped data from CouchDB and Hadoop databases, in some cases asking for a ransom fee to return the ..
---------------------------------------------
https://www.bleepingcomputer.com/news/security/database-ransom-attacks-hit-couchdb-and-hadoop-servers/




*** Adobe's naughty Chrome telemetry code had XSS problem ***
---------------------------------------------
Since patched, but a bad look for Adobe when it can't even get snoopware right. Adobe's pushed out a fix for its already-controversial Chrome telemetry extension after Project Zero's Tavis Ormandy found an ..
---------------------------------------------
www.theregister.co.uk/2017/01/19/adobe_telemetry_patch_patched_against_xss/




*** Insecure Hadoop installs next in net scum crosshairs ***
---------------------------------------------
Because MongoDB, Elasticsearch ransomware attacks are sooo last week. Rinse-and-repeat ransomware attacks on data services left unsecured by dozy sysadmins are now hitting Hadoop instances.
---------------------------------------------
www.theregister.co.uk/2017/01/19/insecure_hadoop_installs_under_attack/




*** Ex-sysadmin demands 200,000 dollars for disclosing password ***
---------------------------------------------
US college accuses former employee of extortion
---------------------------------------------
http://derstandard.at/2000050946919




*** Apple’s malware problem is accelerating ***
---------------------------------------------
For a long time, one of the most common reasons for buying an Apple computer over a Windows-based one was that the former was less susceptible to viruses and other malware. However, the ..
---------------------------------------------
https://www.helpnetsecurity.com/2017/01/19/apple-malware-problem-accelerating/




*** Viruses, spam and computer outages affect IT security at SMEs ***
---------------------------------------------
Lack of knowledge and fear of costs are the main reasons why the situation is not being improved
---------------------------------------------
http://derstandard.at/2000051117771




*** DSA-3766 mapserver - security update ***
---------------------------------------------
It was discovered that mapserver, a CGI-based framework for Internet map services, was vulnerable to a stack-based overflow. This issue allowed a remote user to crash the service, or potentially execute arbitrary code.
---------------------------------------------
https://www.debian.org/security/2017/dsa-3766




*** Google releases huge patch package for Android ***
---------------------------------------------
94 individual vulnerabilities, 10 critical security issues; Google's Android Security Bulletin for January packs a punch.
---------------------------------------------
https://heise.de/-3603108




*** Forcepoint: Carbanak uses Google services for malware hosting ***
---------------------------------------------
Anyone who hosts their malware on a command-and-control server runs the risk of being detected by firewall rules. The Carbanak group therefore delivers commands via Google Docs.
---------------------------------------------
http://www.golem.de/news/forcepoint-carbanak-nutzt-google-dienste-fuer-malware-hosting-1701-125693.html




*** Hacking accusations: "Germany portrays Russia as aggressor" ***
---------------------------------------------
Russian foreign ministry complains about German approach: "No evidence presented"
---------------------------------------------
http://derstandard.at/2000051188487




*** Samsung SmartCam cameras are fair game for botnet operators ***
---------------------------------------------
Researchers discovered vulnerabilities in the SmartCam SNH-1011 years ago, which Samsung patched only inadequately. Now the IP cameras are vulnerable again.
---------------------------------------------
https://heise.de/-3603201

