Daily Summary - Monday 26-11-2012

End-of-Shift report

Timeframe: Friday 23-11-2012 18:00 − Monday 26-11-2012 18:00 Handler: Matthias Fraidl Co-Handler: Robert Waldner

Mystery Chrome 0-day exploit to be unveiled in India on Saturday

I don't want $60k, I want FAME? A Georgian security researcher is due to present details of an unpatched vulnerability in Google's Chrome browser at the Malcon security conference in India over the weekend.

http://go.theregister.com/feed/www.theregister.co.uk/2012/11/23/mystery_chrome_0_day/


eBay closes critical security holes

The online auction house has, among other things, closed a hole that allowed read and write access to one of its databases.

http://www.heise.de/security/meldung/eBay-schliesst-kritische-Sicherheitsloecher-1756146.html/from/atom10


Dreamhost Breached, Server & client information leaked

A pastebin user using the handle Syst3mswt has posted a dump of server information which appears to come from the well known and popular web hosting service Dream Host (http://www.dreamhost.com).

http://www.cyberwarnews.info/2012/11/24/dreamhost-breached-server-client-information-leaked/


Digitally signed ransomware lurking in the wild

"Trend Micro researchers have spotted two ransomware variants bearing the same (probably stolen) digital signature in order to fool users into running the files. Other than that, the malware acts like any other ransomware: it blocks the victims computer and shows messages that seem to come either from the FBI or the UKs Police Central e-crime Unit:"Users may encounter these files by visiting malicious sites or sites exploiting a Java vulnerability," say the researchers...."

http://www.net-security.org/malware_news.php?id=2331


Symantec Warns of New Malware Targeting SQL Databases

"Symantec is warning of a new bit of malware that appears to be modifying corporate databases, particularly in the Middle East, though its showing up elsewhere in the world too. W32. Narilam, first discovered Nov. 15, follows a similar pattern of other worms by copying itself onto infected machines, adding registry keys and propogating through removable drives and network shares...."

http://threatpost.com/en_us/blogs/symantec-warns-new-malware-targeting-sql-databases-112312


Google.com.pk and 284 Other .PK Domains Hacked

ryzvonusef writes with news that hackers have taken down the local Pakistan versions of many popular websites, including google.com.pk, apple.pk, microsoft.pk and yahoo.pk. 284 sites were affected in total. Many of the sites were defaced, and a group called Eboz is taking credit for the hack. According to TechCrunch, "The root of today's attack, it seems, came via a breach of Pakistan's TLD operator, PKNIC, which administers and registers all .pk domains. Looking at affected

http://rss.slashdot.org/~r/Slashdot/slashdot/~3/iiSda5ExrUk/story01.htm


New Cyber Security challenges take on Stuxnet and Malware

"The Cyber Security Challenge UK has launched four new cyber challenges for budding information security experts. Professional teams from Orange, Prodrive, (ISC)2, the SANS Institute, QiniteQ and Sophos will be testing over 100 amatuer cyber defenders who will qualify via the first-round virtual contest. The challengers will have the opportunity to compete in one of four competitions:The Orange and Prodrive Risk Analysis Candidates will have to develop a complex security architecture to

http://www.info4security.com/story.asp?sectioncode=9&storycode=4129799&c=1


1-15 November 2012 Cyber Attacks Statistics

"This November 2012 seems really to be endless from an Information Security Perspective. We have assisted so far to a remarkable number of Cyber Attacks. As usual is it time to provide the partial snapshot of November taken from the corresponding Cyber Attack Timeline and covering the first half of the month...."

http://hackmageddon.com/2012/11/23/1-15-november-2012-cyber-attacks-statistics/


EU plans mandatory reporting of cyber attacks

To better protect against cyber attacks, the EU is also considering a reporting obligation for companies regarding cyber attacks. "I am a great advocate of self-regulation, but in this case I fear that it will not get us any further," Neelie Kroes, the EU Commissioner responsible for the Digital Agenda, told the Süddeutsche Zeitung.

http://www.heise.de/newsticker/meldung/EU-plant-Meldepflicht-fuer-Cyber-Attacken-1756475.html/from/atom10


Phishing email asks for photographed TAN list

Phishers are not running out of ideas: a new phishing email asks customers of Deutsche Bank AG to photograph or scan their TAN list and upload it via a specially prepared page.

http://www.heise.de/security/meldung/Phishing-Mail-bittet-um-fotografierte-TAN-Liste-1754414.html/from/atom10


Websense Proxy Filter Bypass

Topic: Websense Proxy Filter Bypass Risk: Low Text: Websense Proxy Filter Bypass 1. Advisory Information Date published: 2012-11-25 Vendors contacted: Websense Release mo...

http://feedproxy.google.com/~r/securityalert_database/~3/OpLiRLavk6Y/WLB-2012110186


Vuln: ModSecurity POST Parameters Security Bypass Vulnerability

ModSecurity POST Parameters Security Bypass Vulnerability

http://www.securityfocus.com/bid/56096