Daily Summary - Tuesday 4-09-2012

End-of-Shift report

Timeframe: Monday 03-09-2012 18:00 -> Tuesday 04-09-2012 18:00 Handler: Stephan Richter Co-Handler: Robert Waldner

Google security warning turns out to be a trojan

http://www.heise.de/security/meldung/Google-Sicherheitswarnung-entpuppt-sich-als-Trojaner-1698071.html/from/atom10


Xen-Based Secure OS Qubes Hits 1.0

Orome1 writes "Joanna Rutkowska, CEO of Invisible Things Lab, today released version 1.0 of Qubes, a stable and reasonably secure desktop OS. It is the most secure option among the existing desktop operating systems - even more secure than Apple's iOS, which puts each application into its own sandbox and does not count on the user to make security decisions. Qubes will offer users the option of using disposable virtual machines for executing tasks they believe could harm their

http://rss.slashdot.org/~r/Slashdot/slashdot/~3/QFOuSOQL9zE/xen-based-secure-os-qubes-hits-10


Exposed Terminal Services Remains High Frequency Threat

"Quickly reviewing the HITME data gathered from our global deployment of HoneyPoint continues to show that exposed Terminal Services (RDP) on port 3389 remains a high frequency threat. In terms of general contact with the attack surface of an exposed Terminal Server connection, direct probes and attacker interaction is seen on an average approximately two times per hour. Given that metric, an organization who is using exposed Terminal Services for remote access or management/support, may

http://www.infosecisland.com/blogview/22273-Exposed-Terminal-Services-Remains-High-Frequency-Threat.html


Is it time to knock infected PCs off the internet?

"Malware could block your access to the internet but in some cases by those on the right side of the security fence, who are deploying tactics such as blocked ports, letters in the mail and PCs quarantined from the net to combat the most damaging threats. Last year, authorities led by the FBI arrested the criminals behind the DNSChanger operation, taking over their servers. The malware changed victims' DNS settings, and unplugging the servers would have cut off the four million infected PCs

http://www.pcpro.co.uk/news/security/376696/is-it-time-to-knock-infected-pcs-off-the-internet


Hack - AntiSec cracks FBI laptop - and "finds" 12 million Apple records

Including username, phone number and address - 1 million UDIDs published as proof - via Java vulnerability

http://text.derstandard.at/1345166057287/AntiSec-knackt-FBI-Laptopfindet-12-Mio-Datensaetze-von-iPhone-NutzerInnen


Browser plug-in and website warn about data harvesting by Facebook apps

"Secure.me has developed a website and a browser plug-in designed to make Facebook users aware of the personal information that gets harvested by third-party applications. The App Advisor Security Network website has profiles on more than 500,000 third-party Facebook applications that describe the user data they collect, what actions they can take and whether they are considered unsafe...."

http://news.techworld.com/security/3379011/browser-plug-in-website-warn-about-data-harvesting-by-facebook-apps/?olo=rss


IFA 2012 - Samsung blackmails bloggers and slides into PR debacle

Nokia steps in and comes to the rescue

http://derstandard.at/1345166104259/Samsung-erpresst-Blogger-und-schlittert-in-mediales-Debakel


[webapps] - Splunk <= 4.3.3 Arbitrary File Read

Splunk <= 4.3.3 Arbitrary File Read

http://www.exploit-db.com/exploits/21053


[webapps] - Group Office Calendar (calendar/json.php) SQL Injection

Group Office Calendar (calendar/json.php) SQL Injection

http://www.exploit-db.com/exploits/21056