End-of-Shift report
Timeframe: Dienstag 11-09-2012 18:05 - Mittwoch 12-09-2012 18:00
Handler: Stephan Richter
Co-Handler: Christian Wojner
Bugtraq: ESA-2012-029: RSA BSAFE(r) SSL-C Multiple Vulnerabilities
ESA-2012-029: RSA BSAFE(r) SSL-C Multiple Vulnerabilities
http://www.securityfocus.com/archive/1/524142
Bugtraq: Multiple vulnerabilities in Ezylog photovoltaic management
server
Multiple vulnerabilities in Ezylog photovoltaic management server
http://www.securityfocus.com/archive/1/524140
Vuln: libguac Remote Buffer Overflow Vulnerability
libguac Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55497
The geography of cybercrime: Western Europe and North America
"The Internet knows no borders, but according to our data, cybercrime has
specific geographical features. In different parts of the world
cybercriminals launch different malicious programs, their attacks have
different priorities and they use different tricks to make money. This is
not just due to their physical location, but also due to the nature of the
countries where their potential victims are located...."
http://www.securelist.com/en/analysis/204792244/The_geography_of_cybercrime_Western_Europe_and_North_America
Cosmo, the Hacker God Who Fell to Earth
"Cosmo is huge 6 foot 7 and 220 pounds the last time he was weighed, at a
detention facility in Long Beach, California on June 26. And yet hes
getting bigger, because Cosmo also known as Cosmo the God, the
social-engineering mastermind who weaseled his way past security systems at
Amazon, Apple, AT&T, PayPal, AOL, Netflix, Network Solutions, and Microsoft
is just 15 years old. He turns 16 next March, and he may very well do so
inside a prison cell...."
http://www.wired.com/gadgetlab/2012/09/cosmo-the-god-who-fell-to-earth/
Inside your users brains: Where they get security advice
"IT professionals work hard to become experts in their field. They also
work hard protecting the infrastructure and users they're responsible for.
Unfortunately, not everyone has access to an IT expert...."
http://www.techrepublic.com/blog/security/inside-your-users-brains-where-they-get-security-advice/8361?tag=nl.e098&s_cid=e098
Microsoft will Flash-Lücke im IE10 nun doch schließen
Nachdem es Kritik hagelte, will Microsoft den in seinem neuen Internet
Explorer festintegrierten Flash Player nun doch vor der offiziellen
Freigabe von Windows 8 aktualisieren.
http://www.heise.de/security/meldung/Microsoft-will-Flash-Luecke-im-IE10-nun-doch-schliessen-1705228.html/from/atom10
Vuln: Dnsmasq Remote Denial of Service Vulnerability
Dnsmasq Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/54353
Cyber security strengthened at EU institutions
"EU institutions have reinforced their fight against cyber threats by
establishing the EUs Computer Emergency Response Team, or CERT-EU, on a
permanent basis. This decision follows a successful one-year pilot for the
team, which drew positive assessments from clients and peers.
Vice-President Maros Sefcovic said: "The EU institutions, like any other
major organizations, are frequently the target of information security
incidents...."
http://www.net-security.org/secworld.php?id=13580
Cyber Crime: The QR code: A new frontier in mobile attackability
A single poisoned link is all it takes to expose an entire organization to
a full-scale attack. Hackers write sophisticated browser-based attacks that
operate quite stealthily. Now, they're going a...
http://feedproxy.google.com/~r/HelpNetSecurity/~3/OL5fpFtGGvU/article.php
Visas New End-to-End Encryption Service - P2P Encryption Program Aims
to Eliminate POS Card Risks
"Visas new end-to-end encryption service aims to eliminate payment card
data at the merchant level. Eduardo Perez of Visas Risk Group discusses the
security value of this emerging solution. Visas Merchant Data Secure with
Point-to-Point Encryption solution wont launch until 2013...."
http://www.bankinfosecurity.com/interviews/visas-new-end-to-end-encryption-service-i-1650?rf=2012-09-12-eb&elq=2961184241c74e9a881233c05439db31&elqCampaignId=