End-of-Shift report
Timeframe: Tuesday 04-12-2012 18:00 − Wednesday 05-12-2012 18:00
Handler: Stephan Richter
Co-Handler: Robert Waldner
SHA1 weakness benefits password crackers
Jens Steube, one of the authors of the popular password cracker Hashcat, has identified a "weakness in the SHA1 cryptographic hash function" (PDF file) that allows him to speed up password cracking by roughly 20 percent.
http://www.heise.de/security/meldung/SHA1-Schwaeche-beguenstigt-Passwortknacker-1762051.html/from/atom10
ATM Thieves Swap Security Camera for Keyboard
This blog has featured stories about a vast array of impressive, high-tech devices used to steal money from automated teller machines (ATMs). But every so often thieves think up an innovation that makes all of the current ATM skimmers look like child's play. Case in point: Authorities in Brazil have arrested a man who allegedly stole more than USD $41,000 from an ATM after swapping its security camera with a portable keyboard that let him hack the cash machine.
http://feedproxy.google.com/~r/KrebsOnSecurity/~3/kPS5w9ExcfQ/
Twitter’s deathless spoofing bug gets the heart-stake again
Facebook, Venmo also plug SMS vuln. Twitter says it has plugged its years-old SMS spoofing vulnerability after yet another disclosure, this time by security consultant Jonathan Rudenberg. Facebook and social payments outfit Venmo have also blocked the vulnerability.…
http://go.theregister.com/feed/www.theregister.co.uk/2012/12/05/twitter_dumb_sms_bug_plugged_again/
Security Patch released for BIND 9.9.2, (Wed, Dec 5th)
A security patch was released for BIND 9.9.2. The patch addresses 26 different bugs and/or security issues. Update your BIND DNS server to version 9.9.2-P1. Updates can be downloaded here:
http://www.isc.org/downloads/all
More information is available here:
https://kb.isc.org/article/AA-0082
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
http://isc.sans.edu/diary.html?storyid=14641&rss
Apache Tomcat CSRF Prevention Filter Bypass
Topic: Apache Tomcat CSRF Prevention Filter Bypass. Risk: Low. Text: CVE-2012-4431 Apache Tomcat Bypass of CSRF prevention filter. Severity: Important. Vendor: The Apache Software Foundation ...
http://feedproxy.google.com/~r/securityalert_database/~3/llUlhAAXXjo/WLB-2012120048
Apache Tomcat Security Bypass
Topic: Apache Tomcat Security Bypass. Risk: Medium. Text: CVE-2012-3546 Apache Tomcat Bypass of security constraints. Severity: Important. Vendor: The Apache Software Foundation ...
http://feedproxy.google.com/~r/securityalert_database/~3/bHs7rEreGXQ/WLB-2012120047
HPSBPI02807 SSRT100928 rev.1 - HP LaserJet Pro 400 Multi Function Printers, Remote Unauthorized Access
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03464042
HPSBPI02828 SSRT100778 rev.1 - HP LaserJet and Color LaserJet, Cross-Site Scripting (XSS)
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03556108
HPSB3C02831 SSRT100661 rev.1 - HP Intelligent Management Center User Access Manager (UAM), Remote Execution of Arbitrary Code
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/
Sophos Security Threat Report 2013: Norway Is the Safest Country
"Sophos has just released its Security Threat Report 2013. The study focuses on topics such as Mac malware, targeted attacks, polymorphic attacks, ransomware, Android threats, Java attacks, and the BlackHole exploit kit. An interesting part of the report is the one which details the 10 riskiest and the 10 safest countries in the world...."
http://news.softpedia.com/news/Sophos-Security-Threat-Report-2013-Norway-Is-the-Safest-Country-311985.shtml
New 25-GPU Monster Devours Strong Passwords In Minutes
chicksdaddy writes "A presentation at the Passwords^12 Conference in Oslo, Norway (slides), has moved the goalposts on password cracking yet again. Speaking on Monday, researcher Jeremi Gosney (a.k.a. epixoip) demonstrated a rig that leveraged the Open Computing Language (OpenCL) framework and a technology known as Virtual Open Cluster (VCL) to run the HashCat password cracking program across a cluster of five 4U servers equipped with 25 AMD Radeon GPUs communicating at 10 Gbps and 20 Gbps...
http://rss.slashdot.org/~r/Slashdot/slashdot/~3/cC50oUE-O1A/story01.htm
The Citadel crimeware kit - under the microscope
Ever since the source code of the Zeus crimeware kit, also known as Zbot, was leaked onto the internet in May 2011, many new variants have appeared. These have typically added new features and improved on the old code. One particularly prevalent example is Citadel.
http://nakedsecurity.sophos.com/2012/12/05/the-citadel-crimeware-kit-under-the-microscope/