End-of-Shift report
Timeframe: Tuesday 08-01-2013 18:00 − Wednesday 09-01-2013 18:00
Handler: Stephan Richter
Co-Handler: Otmar Lendl
Serious Password Reset Hole In Accellion Secure FTP
chicksdaddy writes "A security researcher who was looking for vulnerabilities in Facebook's platform instead stumbled on a much larger hole that could affect scores of firms who rely on a secure file transfer platform from Accellion. Writing on his blog on Monday, Israeli researcher Nir Goldshlager said he discovered the password reset vulnerability while analyzing an Accellion deployment that is used, internally, by Facebook employees. Goldshlager used public knowledge of the Accellion...
http://rss.slashdot.org/~r/Slashdot/slashdot/~3/BpSzZxCpN3k/story01.htm
Microsoft Updates for Multiple Vulnerabilities
The Microsoft Security Bulletin Summary for January 2013 describes
multiple vulnerabilities in Microsoft software. Microsoft has
released updates to address the vulnerabilities.
http://technet.microsoft.com/en-us/security/bulletin/ms13-jan
Adobe Security Bulletins Posted
Today, we released the following Security Bulletins: APSB13-01, Security updates available for Adobe Flash Player; APSB13-02, Security updates available for Adobe Reader and Acrobat. Customers of the affected products should consult the relevant Security Bulletin(s) for details. This posting is provided "AS IS" with no warranties and confers no rights.
http://blogs.adobe.com/psirt/2013/01/adobe-security-bulletins-posted-4.html
Experts Identify, Analyze Botnet Used to Launch DDOS Attacks Against US Banks
"Researchers have been constantly analyzing the distributed denial-of-service (DDOS) attacks launched by Izz ad-Din al-Qassam Cyber Fighters against United States financial institutions but, up until now, little was known about the resources used by the hacktivists. Incapsula, a cloud-based security and acceleration service provider, has uncovered some interesting details about the cyberattacks and the botnet that powers them after noticing that the website of a new customer was...
http://news.softpedia.com/news/Experts-Identify-Analyze-Botnet-Used-to-Launch-DDOS-Attacks-Against-US-Banks-319699.shtml
Mobile Browser Security: Problem Exists Between Device and Chair
"Last month, a Georgia Tech study found that mobile browsers frequently left even expert users insufficient information to judge if a site was potentially dangerous, because of user interface limitations. The item that is most problematic is how SSL information is displayed. Compared to desktops, mobile browsers have far more limited ways to show if a site is using SSL...."
http://blog.trendmicro.com/trendlabs-security-intelligence/mobile-browser-security-problem-exists-between-device-and-chair/
Critical vulnerabilities closed in Firefox, Thunderbird and SeaMonkey
With the latest updates, the developers have fixed numerous vulnerabilities in the Mozilla programs. Users should therefore make sure they are running the current version of each.
http://rss.feedsportal.com/c/32407/f/463925/s/2758df0f/l/0L0Sheise0Bde0Cmeldung0CKritische0ELuecken0Ein0EFirefox0EThunderbird0Eund0ESeaMonkey0Egeschlossen0E17794490Bhtml0Cfrom0Crss0A9/story01.htm
First confirmed hard victim of Ruby on Rails Zero-Day Dutch DigiD Government Service. All services
"After having alerted on a new SQL Injection Vulnerability in Ruby on Rails on 3 January, Bricade alerted on a second, even more serious, Zero Day on 8 January. The Dutch Government DigiD Service reported today 9th of January on their website that the DigiD service was not available today. See https://www...."
http://weblog.rubyonrails.org/2013/1/8/Rails-3-2-11-3-1-10-3-0-19-and-2-3-15-have-been-released/
Current Foxit Reader version executes malicious code
A highly critical security vulnerability exists in the browser plug-in of the PDF viewer, which is why it should be disabled immediately.
http://rss.feedsportal.com/c/32407/f/463925/s/275a0b01/l/0L0Sheise0Bde0Cmeldung0CAktuelle0EFoxit0EReader0EVersion0Efuehrt0ESchadcode0Eaus0E1780A290A0Bhtml0Cfrom0Crss0A9/story01.htm
Cisco Security Advisory: Cisco Prime LAN Management Solution Command Execution Vulnerability
Advisory ID: cisco-sa-20130109-lms
Cisco Prime LAN Management Solution (LMS) Virtual Appliance contains a
vulnerability that could allow an unauthenticated, remote attacker to
execute arbitrary commands with the privileges of the root user.
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130109-lms