Tageszusammenfassung - Montag 7-01-2013

End-of-Shift report

Timeframe: Freitag 04-01-2013 18:00 − Montag 07-01-2013 18:00 Handler: Robert Waldner Co-Handler: Stephan Richter

Patch for IE Zero Day Wont Be Among Microsoft Security Updates Next Week

"Microsoft plans to release a pair of critical bulletins on Tuesday for its first round of 2013 monthly security updates, but still has no announcement regarding a patch for the zero day vulnerability and exploit in Internet Explorer reported over the Christmas holiday. Users are urged to apply a Fix It released Dec. 31 for the vulnerability in IE 6, 7 and 8 that was at the heart of an attack on the Council on Foreign Relations website as well as that of energy manufacturer Capstone...

http://threatpost.com/en_us/blogs/patch-ie-zero-day-wont-be-among-microsoft-security-updates-next-week-010313?utm_source=Newsletter_010413&utm_medium=Email+Marketing&utm_campaign=Newsletter&CID=&CID=


Dutch Government Aims to Shape Ethical Hackers Disclosure Practices

"The Dutch governments cyber security center has published guidelines that it hopes will encourage ethical hackers to disclose security vulnerabilities in a responsible way."Persons who report an IT vulnerability have an important social responsibility," the Dutch ministry of Security and Justice said on Thursday, announcing guidelines for ethical hacking that were published by the countrys National Cyber Security Center (NCSC). White-hat hackers and security researchers play an...

http://www.cio.com/article/725400/Dutch_Government_Aims_to_Shape_Ethical_Hackers_39_Disclosure_Practices?taxonomyId=3089


FreePBX 2.7.0.3 & Elastix 2.3.0 SQL injection

Topic: FreePBX 2.7.0.3 & Elastix 2.3.0 SQL injection Risk: Medium Text:# Exploit Title: SQL injection in FreePBX 2.7.0.3 / Elastix 2.3.0 # Google Dork: N/A # Date: 05/01/2013 # Exploit Author: S...

http://feedproxy.google.com/~r/securityalert_database/~3/DfqeYKHkuXM/WLB-2013010038


pfSense 2.0.1 XSS & CSRF & Command Execution

Topic: pfSense 2.0.1 XSS & CSRF & Command Execution Risk: High Text: # # Exploit Title: pfSense 2.0.1 XSS & CSRF Remote root Access # Date: 04/01/2013 # Author: Yann CAM ...

http://feedproxy.google.com/~r/securityalert_database/~3/1o3q8BIwTZs/WLB-2013010035


MyBB Profile Wii Friend Code 1.0 Cross Site Scripting and SQL Injection

Topic: MyBB Profile Wii Friend Code 1.0 Cross Site Scripting and SQL Injection Risk: Medium Text:# Exploit Title: MyBB Profile Wii Friend Code SQLi/Persistent XSS # Dork: intitle:"Profile of" intext:"Wii Friend Code" inurl:...

http://feedproxy.google.com/~r/securityalert_database/~3/lZtyzTcL-Tc/WLB-2013010031


BSI release Draft Cyber Security standard - PAS 555\

"This PAS specifies a framework for the governance and management of cyber security risk. The requirements of this PAS define the overall outcomes of effective cyber security, and include technical, physical, cultural and behavioural measures alongside effective leadership and governance. While there are many standards and guidelines available that can help tackle cyber security risk, they tend to define good practice as to how elements of effective cyber security might be...

http://drafts.bsigroup.com/Home/Details/49890


Adobe ColdFusion Security Advisory, (Sat, Jan 5th)

Adobe released a security advisory which identifies three vulnerabilities (CVE-2013-0625, CVE-2013-0629, CVE-2013-0631) affecting ColdFusion for Windows, Macintosh and Unix. They have received reports that these vulnerabilities are actively being exploited. Adobe is currently planning to release a fix for January 15, 2013. Additional information and mitigations options available here. [1] http://www.adobe.com/support/security/advisories/apsa13-01.html Guy Bruneau IPSS Inc.

http://isc.sans.edu/diary.html?storyid=14827&rss


Neuer Exploit für Lücke im Internet Explorer

Einer Sicherheitsfirma gelang es nach eigenen Angaben, Microsofts provisorischen Patch für die kritische IE-Lücke auszutricksen.

http://rss.feedsportal.com/c/32407/f/463925/s/2738e1e8/l/0L0Sheise0Bde0Cmeldung0CNeuer0EExploit0Efuer0ELuecke0Eim0EInternet0EExplorer0E17778750Bhtml0Cfrom0Crss0A9/story01.htm


Malware targets Java HTTP servers

"A malware that strikes at Java HTTP servers and allows attackers to gain control on underlying systems has been spotted by security researchers of anti-virus vendor Trend Micro Inc. Using a password cracking tool, cybercriminals are able to login and gain manager/administrative rights allowing the deployment of Web application archive (WAR) file packages with the backdoor to the server, according to a post last Thursday on the Trend Labs. & Once done, the backdoor can now browse,

http://www.itworldcanada.com/news/malware-targets-java-http-servers/146535


Symantec links latest Microsoft zero-day with skilled hacker gang

"Symantec is crediting a hacker group with an impressive track record as responsible for finding the latest as yet unpatched vulnerability in older versions of Microsofts Internet Explorer browser. A gang Symantec calls the Elderwood group appears to have found the latest zero-day vulnerability in IE, which can allow a malicious website to automatically infect a persons computer.[ Security expert Roger A. Grimes offers a guided tour of the latest threats and explains what you can do to...

http://www.infoworld.com/d/security/symantec-links-latest-microsoft-zero-day-skilled-hacker-gang-210109?source=rss_security


Crimeware Author Funds Exploit Buying Spree

"The author of Blackhole, an exploit kit that booby-traps hacked Web sites to serve malware, has done so well for himself renting his creation to miscreants that the software has emerged as perhaps the most notorious and ubiquitous crimeware product in the Underweb. Recently, however, the author has begun buying up custom exploits to bundle into a far more closely-held and expensive exploit pack, one that appears to be fueling a wave of increasingly destructive online extortion schemes. An...

http://krebsonsecurity.com/2013/01/crimeware-author-funds-exploit-buying-spree/


Wordpress NextGEN Gallery plugin Cross-Site Scripting Vulnerability

Topic: Wordpress NextGEN Gallery plugin Cross-Site Scripting Vulnerability Risk: Low Text: ## # # Exploit Title : Wordpress NextGEN Gallery plugin Cross-Site Scripting Vulnerability # # Author : IrI...

http://feedproxy.google.com/~r/securityalert_database/~3/ESFCnSJbmkU/WLB-2013010042


Wordpress wilderness SQL injection

Topic: Wordpress wilderness SQL injection Risk: Medium Text:# Exploit Title: Wordpress wilderness SQL injection # Google Dork: inurl:/wp-content/themes/wilderness/gallery.php # Date: 20...

http://feedproxy.google.com/~r/securityalert_database/~3/6WtYRSMSzoI/WLB-2013010041


Vuln: CUPS CVE-2012-5519 Local Privilege Escalation Vulnerability

CUPS CVE-2012-5519 Local Privilege Escalation Vulnerability

http://www.securityfocus.com/bid/56494


Sicherheit - Ubisofts Spieleplattform Uplay gehackt

Spielehersteller arbeitet bereits an Lösung und ruft zu besseren Passwörtern auf

http://derstandard.at/1356426935498/Ubisofts-Spieleplattform-Uplay-gehackt


Google, Yahoo, Microsoft und Amazon anfällig für Clickjacking

Ein Sicherheitsforscher demonstriert an populären Webseiten wie Amazon, Google, Yahoo und Microsoft Live, dass viele Webseiten immer noch schlecht gegen Clickjacking geschützt sind.

http://rss.feedsportal.com/c/32407/f/463925/s/274546ad/l/0L0Sheise0Bde0Cmeldung0CGoogle0EYahoo0EMicrosoft0Eund0EAmazon0Eanfaellig0Efuer0EClickjacking0E17780A360Bhtml0Cfrom0Crss0A9/story01.htm