Tageszusammenfassung - Freitag 14-09-2012
End-of-Shift report
Timeframe: Donnerstag 13-09-2012 18:00 - Freitag 14-09-2012 18:00 Handler: Stephan RichterThe Tinba/Tinybanker Malware
"Trend Micro and CSIS have released a joint white paper about the Tinba information-stealing malware. The paper contains a thorough technical analysis of the malware itself, as well as the architecture of its infrastructure, and its ties to other illegal activities. What is Tinba?..."http://blog.trendmicro.com/?p=44994
Blackhole 2: Crimeware kit gets stealthier, Windows 8 support
Malware-flinging tool to target mobiles too Cybercrooks have unveiled a new version of the Blackhole exploit kit. Version 2 of Blackhole is expressly designed to better avoid security defences. Support for Windows 8 and mobile devices is another key feature, a sign of the changing target platforms for malware-based cyberscams.http://go.theregister.com/feed/www.theregister.co.uk/2012/09/13/blackhole_exploit_kit_revamp/
Bugtraq: Fortigate UTM WAF Appliance - Multiple Web Vulnerabilities
Fortigate UTM WAF Appliance - Multiple Web Vulnerabilitieshttp://www.securityfocus.com/archive/1/524157
Over half of Android devices have unpatched holes
Fix is up to your carrier, Google, mobo maker - just about everyone Duo Security is claiming that "over half" of Android devices have unpatched vulnerabilities.http://go.theregister.com/feed/www.theregister.co.uk/2012/09/14/duo_says_android_security_nightmare/
Analyzing Malicious RTF Files Using OfficeMalScanners RTFScan, (Fri, Sep 14th)
Attackers have been using Rich Text Format (RTF) files to carry exploits targeting vulnerabilities in Microsoft Office and other products. We documented one such incident in June 2009. In a more recent example, the CVE-2012-0158 vulnerability was present in Active X controls within MSCOMCTL.OCX, which could be activated using Microsoft Office and other applications. McAfee described one such exploit, which appeared in the wild in April 2012: In the malicious RTF, a vulnerable OLE...http://isc.sans.edu/diary.html?storyid=14092&rss
Lücke in SSL-Verschlüsselung kaum ausnutzbar
Experten haben ein Problem bei der im Web üblichen SSL-Verschlüsselung ausgemacht, das auftritt, wenn der Inhalt zuvor komprimiert wurde. Zum Glück haben die betroffenen Browser-Hersteller bereits reagiert.Vuln: OpenSLP SLPIntersectStringList() Function Denial of Service Vulnerability
OpenSLP SLPIntersectStringList() Function Denial of Service Vulnerabilityhttp://www.securityfocus.com/bid/55540