End-of-Shift report
Timeframe: Wednesday 19-12-2012 18:00 − Thursday 20-12-2012 18:00
Handler: Stephan Richter
Co-Handler: Robert Waldner
Sweet Orange Exploit Kit Offers Customers Higher Infection Rates
"The newly emerging Sweet Orange Exploit Kit boasts a 10 to 25 percent infection rate and is promising to drive 150,000 unique visitors per day to the websites of its customers, according to Jeff Doty and Chris Larsen of Blue Coat Security. If the claims of Sweet Orange's authors reflect reality, it means that users of the kit can expect to add anywhere between 15,000 and 37,500 machines to their botnet per day. Sweet Orange has 45 dedicated IP addresses and 267 unique domains, which Doty...
http://threatpost.com/en_us/blogs/sweet-orange-exploit-kit-offers-customers-higher-infection-rates-121812?utm_source=Newsletter_121912&utm_medium=Email+Marketing&utm_campaign=Newsletter&CID=&CID=
MyBB MyYoutube Cross Site Scripting
Topic: MyBB MyYoutube Cross Site Scripting Risk: Low Text:# Exploit Title: MyYoutube MyBB Stored XSS # Date: 17.12.2012 # Exploit Author: limb0 # Vendor Homepage:
http://www.mybb-es....
http://feedproxy.google.com/~r/securityalert_database/~3/C8aZDfreDmo/WLB-2012120143
MyBB Xbox Live ID Cross Site Scripting
Topic: MyBB Xbox Live ID Cross Site Scripting Risk: Low Text:# Exploit Title: Xbox Live ID MyBB Plugin Stored XSS # Date: 13/12/2012 # Exploit Author: limb0 # Vendor Homepage:
http://ww...
http://feedproxy.google.com/~r/securityalert_database/~3/qUghUFk2MwE/WLB-2012120142
Vuln: Cerberus FTP Server Web Admin Multiple HTML-Injection Vulnerabilities
Cerberus FTP Server Web Admin Multiple HTML-Injection Vulnerabilities
http://www.securityfocus.com/bid/56906
Bugtraq: EMC Avamar: World writable cache files
EMC Avamar: World writable cache files
http://www.securityfocus.com/archive/1/525095
Apache plug-in doles out Zeus attack
Points victims to Sweet Orange exploit server, slurps banking credentials. Anti-virus outfit Eset has discovered a malicious Apache module in the wild that serves up malware designed to steal banking credentials.
http://go.theregister.com/feed/www.theregister.co.uk/2012/12/20/apache_dangerous_plugin/
SurgeFTP Remote Command Execution
Topic: SurgeFTP Remote Command Execution Risk: High Text:require msf/core class Metasploit3
http://feedproxy.google.com/~r/securityalert_database/~3/iwcAssIZcxo/WLB-2012120151
Drupal Core 6.x & 7.x Access Bypass & Code Execution
Topic: Drupal Core 6.x & 7.x Access Bypass & Code Execution Risk: High Text:View online:
http://drupal.org/SA-CORE-2012-004 * Advisory ID: DRUPAL-SA-CORE-2012-004 * Project: Drupal core [1] * ...
http://feedproxy.google.com/~r/securityalert_database/~3/bLFpBaVeTdc/WLB-2012120150
ENISA on Smart Grids: a Risk-Based Approach Is Key to Secure Implementation
"The European Network and Information Security Agency (ENISA) has released a new report to help smart grid providers properly secure their infrastructures against cyberattacks. The European Union hopes to achieve a 20% increase in renewable energy, a 20% reduction in CO2 emissions, and a 20% increase in energy efficiency by 2020. Smart grids can help a lot in achieving these goals, but they must be rolled out in a secure way...."
http://news.softpedia.com/news/ENISA-on-Smart-Grids-a-Risk-Based-Approach-Is-Key-to-Secure-Implementation-316157.shtml
Vuln: Zend Framework Zend_Feed Component Information Disclosure Vulnerabilities
Zend Framework Zend_Feed Component Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/56982
PGP, TrueCrypt-encrypted files CRACKED by £300 tool
Plod at the door? Better yank out that power cable. ElcomSoft has built a utility that forages for encryption keys in snapshots of a PC's memory to decrypt PGP and TrueCrypt-protected data.
http://go.theregister.com/feed/www.theregister.co.uk/2012/12/20/elcomsoft_tool_decrypts_pgp/
Security vulnerability in AMD's Catalyst Control Center
AMD's Catalyst Control Center is actually supposed to help keep graphics card drivers as up to date as possible - by exploiting the update notification, a manipulated driver can presumably be slipped in.
http://rss.feedsportal.com/c/32407/f/463925/s/26cbb061/l/0L0Sheise0Bde0Cmeldung0CSicherheitsluecke0Ein0EAMDs0ECatalyst0EControl0ECenter0E17729880Bhtml0Cfrom0Crss0A9/story01.htm