End-of-Shift report
Timeframe: Samstag 19-01-2013 18:18 − Montag 21-01-2013 18:18
Handler: L. Aaron Kaplan
Co-Handler: Christian Wojner
Android Botnet Infects 1 Million Plus Phones
Trailrunner7 writes "Up to a million Android users in China could be part of a large mobile botnet, according to research unveiled by Kingsoft Security, a Hong Kong-based security company, this week. The botnet has spread across phones running the Android operating system via Android.Troj.mdk, a Trojan that researchers said exists in upwards of 7,000 applications available from non-Google app marketplaces, including the popular Temple Run and Fishing Joy games." Update: 01/19 12:54
http://rss.slashdot.org/~r/Slashdot/slashdot/~3/QL1JqKgnwOU/story01.htm
In Syria, the Cyberwar Intensifies
"The front pages have been dominated for more than a year by photos of young Syrian rebel fighters, armed and proud, battling an increasingly isolated Syrian military. But amid the shooting, the atrocities and the bombings, there is a parallel war a sophisticated cyber insurgency battling a shadowy team working on behalf of the Assad regime. The Syrians online conflict may be the most active cyberwar in recent memory, with extraordinary efforts by both sides to sabotage, disrupt and
http://www.defensenews.com/article/20130118/C4ISR01/301180018/In-Syria-Cyberwar-Intensifies?odyssey=tab%7Ctopnews%7Ctext%7CFRONTPAGE
Malware shuts down US power company
"A computer virus attacked a turbine control system at a US power company last fall when a technician unknowingly inserted an infected USB computer drive into the network, keeping a plant off line for three weeks, according to a report posted on a US government website. The Department of Homeland Security report did not identify the plant but said criminal software, which is used to conduct financial crimes such as identity theft, was behind the incident...."
http://articles.timesofindia.indiatimes.com/2013-01-17/security/36393196_1_stuxnet-malicious-software-computer-virus
Vuln: Oracle MySQL Server Heap Overflow Vulnerability
Oracle MySQL Server Heap Overflow Vulnerability
http://www.securityfocus.com/bid/56768
Beware: malware masquerading as Java patch
"Opportunist hackers are capitalising on fears over Java vulnerabilities by spreading malware posing as patches for the under fire computer platform. Oracle has endured a torrid week over Javas security, having already issued Update 11 to fix critical flaw CVE-2013-0422 a threat deemed serious enough for the US Department of Homeland Security to recommend that users completely disable Java from their computers...."
http://www.itproportal.com/2013/01/18/beware-malware-masquerading-java-patch/#20
Hackers Leak 1.7 GB of Data from Azerbaijans Special State Protection Service
"The information leaked by the hacktivists doesnt belong only to the Special State Protection Service, but also to other organizations linked to it, including ING Geneva, Sumato Energy, BNP Paribas, Taurus Petroleum and even security solutions provider Prolexic. The hackers say the files contain passport scans, reports, confidential shareholder documents, account statements, letters of credit, and details of oil drilling technologies. At the beginning of January, the hackers leaked
http://news.softpedia.com/news/Hackers-Leak-1-7-GB-of-Data-from-Azerbaijan-s-Special-State-Protection-Service-322585.shtml
Google zahlt Durchleitungsentgelte an Orange
http://www.heise.de/meldung/Google-zahlt-Durchleitungsentgelte-an-Orange-1788434.html/from/atom10
Google will Passwörter durch Ring ersetzen
Google testet derzeit Möglichkeiten die klassische Passworteingabe durch Hardware abzulösen. So könnte man sich zukünftig per USB-Stick in sein Google-Konto anmelden. Auch eine NFC-Lösung mittels Ring am Finger wäre für Google denkbar.
http://futurezone.at/future/13609-google-will-passwoerter-durch-ring-ersetzen.php?rss=fuzo
Netzpolitik - Webadresse von Kärntner Jugendreferat führte zu Pornoseite
Hackerangriff vermutet - Problem mittlerweile behoben
http://derstandard.at/1358304202191/Webadresse-von-Kaerntner-Jugendreferat-fuehrte-zu-Pornoseite
Shylock banking malware spreads via Skype
"The banking Trojan known as Shylock has been updated with new functionality, including the ability to spread over Skype. The program was discovered in 2011 that steals online banking credentials and other financial information from infected computers. Shylock, named after a character from Shakespeares "The Merchant of Venice"...."
http://thehackernews.com/2013/01/shylock-banking-malware-spreads-via.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Daily+Cyber+News+Updates%29&_m=3n.009a.102.oh0aof3sx0.2ir
Arguing Against Voluntary Standards - CEOs See Provisions over Infosec Standards as Distraction
"The idea of the U.S. federal government and industry jointly developing IT security best practices will do little to help critical infrastructure operators defend against cyber-risk, says Business Roundtable Vice President Liz Gasster. "It makes an underlying assumption that the point of best practices will, in fact, be effective in addressing cybersecurity risk," Gasster says in an interview with Information Security Media Group. "And that while best practices are a useful
http://www.healthcareinfosecurity.com/interviews/arguing-against-voluntary-standards-i-1767?rf=2013-01-21-eh