End-of-Shift report
Timeframe: Montag 15-10-2012 18:00 − Dienstag 16-10-2012 18:00
Handler: Stephan Richter
Co-Handler: Otmar Lendl
Precision Espionage mini Flame Malware Tied to Flame, Gauss
"One of three previously unseen pieces of malware discovered during forensic analysis of the Flame malware command-and-control servers has been identified as a secondary surveillance tool deployed against specially identified targets, and only after an initial Flame or Gauss compromise, researchers said today. MiniFlame, or SPE, was originally thought to be a Flame module, but researchers at Kaspersky Lab and CERT-Bund/BSI determined the program can stand alone as an independent piece of...
http://threatpost.com/en_us/blogs/precision-espionage-miniflame-malware-tied-flame-gauss-101512?utm_source=Newsletter_101512&utm_medium=Email+Marketing&utm_campaign=Newsletter&CID=&CID=
Developers ignore their security responsibilities: Oracle
"Software developers are ignoring their responsibilities to protect and design infrastructure that is properly secured, according to Oracle Chief Security Officer Mary Ann Davidson. Speaking at the Australian Information Security Associations National Conference 2012 in Sydney today, Davidson said that developers, in many cases, were building systems used in key infrastructure without even thinking about security."Do we really think that the people that decide [to] have self-driving...
http://www.zdnet.com/developers-ignore-their-security-responsibilities-oracle-7000005808/
Global card fraud continues to rise - survey
"A quarter of people have been hit by card fraud during the past five years, prompting many to ditch their provider, says an ACI Worldwide-commissioned survey covering 17 countries around the world. According to the Aite Group poll of 5223 people - around 300 for each country - Mexicans are the most likely to fall victim to fraudsters, with 44% hit in the last five years. Chip and PIN-less America comes second, on 42%, followed by India on 37%...."
http://www.finextra.com/News/Fullstory.aspx?newsitemid=24166
Eugene Kaspersky Unveils Plans for New Secure SCADA OS
"Attacks against SCADA and industrial-control systems have become a major concern for private companies as well as government agencies, with executives and officials worried about the potential effects of a major compromise. Security experts in some circles have been warning about the possible ramifications of such an attack for some time now, and researchers have found scores of vulnerabilities in SCADA and ICS systems in the last couple of years. Now, engineers at Kaspersky Lab have...
http://threatpost.com/en_us/blogs/eugene-kaspersky-unveils-plans-new-secure-scada-os-101612
Reverse Engineering Malware - What you need to know?
"Every now and then, a nasty piece of Malware raises its ugly head and wreck havoc on the Enterprise Infrastructure. It is often necessary to analyze the Malware and understand its working so thatThe impact of the Malware on IT Systems can be ascertained ANDThe nature of preventative controls that can be put in place so that this threat does not spread further. In such scenarios, Reverse Engineering of the Malware becomes a requirement...."
http://infosecnirvana.com/reverse-engineering-malware/
Cyber Security Bulletin SB12-289 - Vulnerability Summary for the Week of October 8, 2012
"High Vulnerabilities : adobe -- adobe_airbackwpup -- backwpupbernhard_wymann -- torcsbigware -- bigware_shopcomponentone -- flexgridcraig_knudsen -- webcalendarMedium Vulnerabilities: activestate -- activeperlactivestate -- activetclactivestate -- activepythonaidanlister -- regcodeapache -- axis2apprain -- apprainLow Vulnerabilities:barracudanetworks -- spam_&_virus_firewall_600bryce_harrington -- xdiagnosecartpauj -- shortcode-redirectemc --...
http://www.us-cert.gov/cas/bulletins/SB12-289.html
WordPress Brute Force Attacks - How you can protect yourself against WordPress Brute Force attacks
"It is common for me to submit several hundred abuse reports as part of our security monitoring service every day. If I was asked for an off the cuff ball park of the main attack types from January 2012 to August 2012, I would probably answer with 40% remote file inclusion attacks, 40% local file inclusion attacks, 15% directory transferal attacks, 4% other (including brute force attacks), and 1% SQL injection attacks. If you asked me from September 2012 forward, the answer would change...
http://www.dynamicnet.net/2012/10/wordpress-brute-force-attacks/
Santanders online banking keeps passwords in cookies
"The retail web site for Santander bank has been discovered to be keeping customer passwords in plain text in cookies held while the user is logged in. The discovery was revealed on the Full Disclosure mailing list when an anonymous user posted details of how credit card numbers and other information was stored in session cookies. The H set out to verify whether the claims were correct...."
http://www.h-online.com/security/news/item/Santander-s-online-banking-keeps-passwords-in-cookies-1730364.html
MyBB 1.6.8 Cross Site Scripting
Topic: MyBB 1.6.8 Cross Site Scripting Risk: Low Text: Exploit Title : Mybb 1.6.8 Cross Site Scripting Author : 3xpl0!t3r Discovered By : Sec-Advisor.Org Da...
http://feedproxy.google.com/~r/securityalert_database/~3/jTSNZAsKIiU/WLB-2012100129