Tageszusammenfassung - Mittwoch 5-09-2012

End-of-Shift report

Timeframe: Dienstag 04-09-2012 18:00 - Mittwoch 05-09-2012 18:00 Handler: Stephan Richter Co-Handler: Otmar Lendl

Bugtraq: Secunia Research: Adobe Photoshop TIFF SGI24LogLum Decompression Buffer Overflow

Secunia Research: Adobe Photoshop TIFF SGI24LogLum Decompression Buffer Overflow


Widely used fingerprint reader exposes Windows passwords in seconds

"Fingerprint-reading software preinstalled on laptops sold by Dell, Sony, and at least 14 other PC makers contains a serious weakness that makes it trivial for hackers with physical control of the machine to quickly recover account passwords, security researchers said. The UPEK Protector Suite, which was acquired by Melbourne, Florida-based Authentec two years ago, is marketed as a secure means for logging into Windows computers using an owners unique fingerprint, rather than a


Anonymous Project Mayhem 2012 - December 21st 2012.

"You are Anonymous. You are Project Mayhem 2012 . On the 10 days that go from 12-12-2012 to 12-21-2012, the world will see an unprecedented amount of Corporate, Financial, Military and State leaks that will have been secretly gathered by millions of CONSCIENTIOUS citizens, vigilantes, whistle blowers and initiates. THE GLOBAL ECONOMIC SYSTEM WILL START THE FINAL FINANCIAL MELTDOWNFOR *TRUST* IN FEAR BASED MONEY WILL BE FINALLY BROKENPEOPLE ALL OVER THE WORLD, OUT OF FEAR TO GO BANKRUPT,


FBI says Apple ID heist claim is TOTALLY FALSE

'Not our data' Popcorn time Hot on the heels of AntiSec's claim that the purloined Apple device IDs it dumped to Pastebin came from the FBI, the G-men have flatly denied the story.


Secret account in mission-critical router opens power plants to tampering

"The branch of the US Department of Homeland Security that oversees critical infrastructure has warned power utilities, railroad operators, and other large industrial players of a weakness in a widely used router that leaves them open to tampering by untrusted employees. The line of mission-critical routers manufactured by Fremont, California-based GarrettCom contains an undocumented account with a default password that gives unprivileged users access to advanced options and features,


HP stellt sich erneut an den Security-Pranger

Die Zero Day Initiative (ZDI) hat erneut Informationen über ungepatchte Sicherheitslücken in HP-Produkten veröffentlicht


Is Java now too dangerous to use?

"Java, the great enabler of useful applications or a waste of space that is doing more harm than good? After the last few weeks this has become a question worthy of a philosophy lecture. First in late August came news of two serious zero day Java vulnerabilities (CVE-2012-4681), with plenty of evidence that criminals were exploiting them in a big enough way to pose serious questions over Javas continued use...."