End-of-Shift report
Timeframe: Thursday 13-09-2012 18:00 - Friday 14-09-2012 18:00
Handler: Stephan Richter
The Tinba/Tinybanker Malware
"Trend Micro and CSIS have released a joint white paper about the Tinba
information-stealing malware. The paper contains a thorough technical
analysis of the malware itself, as well as the architecture of its
infrastructure, and its ties to other illegal activities. What is Tinba?..."
http://blog.trendmicro.com/?p=44994
Blackhole 2: Crimeware kit gets stealthier, Windows 8 support
Malware-flinging tool to target mobiles too
Cybercrooks have unveiled a new
version of the Blackhole exploit kit. Version 2 of Blackhole is expressly
designed to better avoid security defences. Support for Windows 8 and
mobile devices is another key feature, a sign of the changing target
platforms for malware-based cyberscams.
http://go.theregister.com/feed/www.theregister.co.uk/2012/09/13/blackhole_exploit_kit_revamp/
Bugtraq: Fortigate UTM WAF Appliance - Multiple Web Vulnerabilities
Fortigate UTM WAF Appliance - Multiple Web Vulnerabilities
http://www.securityfocus.com/archive/1/524157
Over half of Android devices have unpatched holes
Fix is up to your carrier, Google, mobo maker - just about everyone
Duo Security is claiming that "over half" of Android devices have unpatched
vulnerabilities.
http://go.theregister.com/feed/www.theregister.co.uk/2012/09/14/duo_says_android_security_nightmare/
Analyzing Malicious RTF Files Using OfficeMalScanner's RTFScan, (Fri,
Sep 14th)
Attackers have been using Rich Text Format (RTF) files to carry exploits
targeting vulnerabilities in Microsoft Office and other products. We
documented one such incident in June 2009. In a more recent example, the
CVE-2012-0158 vulnerability was present in Active X controls within
MSCOMCTL.OCX, which could be activated using Microsoft Office and other
applications. McAfee described one such exploit, which appeared in the wild
in April 2012: In the malicious RTF, a vulnerable OLE...
http://isc.sans.edu/diary.html?storyid=14092&rss
SSL encryption flaw hardly exploitable
Experts have identified a problem with the SSL encryption commonly used on
the web that occurs when the content has been compressed beforehand.
Fortunately, the affected browser vendors have already responded.
http://www.heise.de/security/meldung/Luecke-in-SSL-Verschluesselung-kaum-ausnutzbar-1708371.html/from/atom10
Vuln: OpenSLP SLPIntersectStringList() Function Denial of Service
Vulnerability
OpenSLP SLPIntersectStringList() Function Denial of Service Vulnerability
http://www.securityfocus.com/bid/55540
[webapps] - Trend Micro InterScan Messaging Security Suite Stored XSS
and CSRF
Trend Micro InterScan Messaging Security Suite Stored XSS and CSRF
http://www.exploit-db.com/exploits/21319