End-of-Shift report
Timeframe: Donnerstag 18-10-2012 18:00 − Freitag 19-10-2012 18:00
Handler: Stephan Richter
Co-Handler: Robert Waldner
Download the report from FireEye, now.
"Learn how to protect your organization from the most dangerous cyber attacks by discovering the tactics used in successful attacks. In a unique report from FireEye, youll get first-hand information from the FireEye Malware Intelligence Labs, which analyzes data from Malware Protection Systems (MPS) deployed behind existing security defenses. Youll benefit from gaining visibility into the most lethal attacks of the year, and discovering how they successfully evaded traditional
http://www2.fireeye.com/FierceCIO_Advanced_Threat_LP.html
Cyber Security Awareness Month - Day 18 - Vendor Standards: The vSphere Hardening Guide, (Thu, Oct 18th)
Many vendors have security hardening guides - step-by-step guides to increasing the security posture of one product or another. We alluded to the Cisco guides earlier this month (Day 11), Microsoft also makes a decent set of hardening guides for Windows server and workstation products, as do most Linux distros - youll find that most vendors have documents of this type. VMwares vSphere hardening guide is one I use frequently. Its seen several iterations over the years - the versions considered
http://isc.sans.edu/diary.html?storyid=14341&rss
Apple banishes Java from Mac browsers
Fanbois told to install Oracles plugin Apple has discontinued its own Java plugin, issuing an update that removes it from MacOS and encourages users to instead download Oracles version of the software.�
http://go.theregister.com/feed/www.theregister.co.uk/2012/10/19/apple_banishes_java_from_macos_browsers/
Dont secure the internet, it needs crime: Diffie
"While many people see securing the internet as a means to stopping cybercrime, former vice president for information security and cryptography at the Internet Corporation for Assigned Names and Numbers (ICANN) Whitfield Diffie thinks that internet crime may be necessary. Diffie, who spoke at the Australian Information Security Associations National Conference 2012 in Sydney this week, is better known for his contribution to the cryptography community by devising with Martin Hellman and
http://www.zdnet.com/dont-secure-the-internet-it-needs-crime-diffie-7000005958/
Palo Alto Networks GlobalProtect Man-In-The-Middle
Topic: Palo Alto Networks GlobalProtect Man-In-The-Middle Risk: Low Text: SySS-Advisory: MitM-vulnerability in Palo Alto Networks GlobalProtect Prob...
http://feedproxy.google.com/~r/securityalert_database/~3/SD1xHp0GFaM/WLB-2012100155
RealPlayer 15.0.6.14 suffers from Arbitrary Code Execution
Topic: RealPlayer 15.0.6.14 suffers from Arbitrary Code Execution Risk: High Text:Title : RealPlayer 15.0.6.14 suffers from Arbitrary Code Execution Version : 15.0.6.14 Date : 2012-10-18 Vendor : ...
http://feedproxy.google.com/~r/securityalert_database/~3/ZE9qMdPQl-Q/WLB-2012100156
Vuln: Computer Associates ARCserve Backup Remote Code Execution and Denial of Service Vulnerabilities
Computer Associates ARCserve Backup Remote Code Execution and Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/56116