End-of-Shift report
Timeframe: Dienstag 27-11-2012 18:00 − Mittwoch 28-11-2012 18:00
Handler: Robert Waldner
Co-Handler: n/a
Java Zero-Day Exploit on Sale for ‘Five Digits’
Miscreants in the cyber underground are selling an exploit for a previously undocumented security hole in Oracles Java software that attackers can use to remotely seize control over systems running the program, KrebsOnSecurity has learned.
http://feedproxy.google.com/~r/KrebsOnSecurity/~3/P9epzhQazQ0/
Cooperation is key for Europes cyber security - Conclusion of ENISA Brussels event
"A high-level event organised by Europes cyber security agency, ENISA, recognised closer cyber cooperation and mutual support as key factors for boosting cyber security for Europes citizens, governments and businesses. The meeting, held today (27th November) in Brussels, was led by ENISAs Executive Director, Professor Udo Helmbrecht, and brought together key figures from the European Parliament, European Commission and the computer industry. Participants included Ms Amelia Andersdotter,
http://mb.cision.com/Main/119/9341197/71035.pdf
Sysadmin creates tool to scour web for hacked data
"A Wellington system administrator has developed a tool to identify corporate secrets, hacked data and even stolen credit cards as they emerge on social networks and online clipboards. Users could set the OSINT OPSEC (Open Source Intelligence / Operational Security) Tool to monitor for keywords, allowing, for example, an organisation to be alerted if a hacking group dumped its sensitive data to clipboard site Pastebin. Or it could scour Stack Exchange for intellectual property code
http://www.itnews.com.au/News/324176,sysadmin-creates-tool-to-scour-web-for-hacked-data.aspx
Vuln: Tor Remote Denial of Service Vulnerability
Tor Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/56675
Yahoo zero day exploit goes on sale for $700
"A hacker has begun selling what they claim is a zero-day exploit that will let criminals hijack control of Yahoo Mail users accounts. The hacker, who goes by the moniker TheHell, posted a video marketing a $700 exploit kit on the secretive Darkode cybercrime market on Monday. The video was later spotted and re-posted onto YouTube by security blogger Brian Krebs."Im selling Yahoo stored xss that steal Yahoo emails cookies and works on ALL browsers...."
http://www.v3.co.uk/v3-uk/news/2227722/yahoo-zero-day-exploit-goes-on-sale-for-usd700
DNS servers filled with wrong Kool-Aid, big names waylaid in Romania
Microsoft, Yahoo!, Google, PayPal all graffitid A hacker today redirected web surfers looking for Yahoo, Microsoft or Google to a page showing a TV test card by apparently poisoning Googles public DNS system.…
http://go.theregister.com/feed/www.theregister.co.uk/2012/11/28/google_romania_dns_hack/