Daily Summary - Thursday 24-01-2013

End-of-Shift report

Timeframe: Wednesday 23-01-2013 18:00 − Thursday 24-01-2013 18:00 Handler: Matthias Fraidl Co-Handler: Christian Wojner

Cisco Prime LAN Management Solution Command Execution Vulnerability

Cisco Prime LAN Management Solution (LMS) Virtual Appliance contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary commands with the privileges of the root user. The vulnerability is due to improper validation of authentication and authorization commands sent to certain TCP ports. An attacker could exploit this vulnerability by connecting to the affected system and sending

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130109-lms?vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_p=Cisco Prime LAN Management Solution Command Execution Vulnerability&vs_k=1

Phishers abuse URL redirect of the Arbeitsagentur

PayPal phishing is old hat. What is new is that the phishing links point to Arbeitsagentur.de.

http://rss.feedsportal.com/c/32407/f/463925/s/27d32215/l/0L0Sheise0Bde0Cmeldung0CPhisher0Emissbrauchen0EURL0EWeiterleitung0Eder0EArbeitsagentur0E17897860Bhtml0Cfrom0Crss0A9/story01.htm


Mega's first crypto faux pas

A concept for loading code on demand that is actually clever turns out to be a potential backdoor, because unsuitable cryptographic functions are used for it. This could allow third parties to manipulate parts of the Mega code.

http://rss.feedsportal.com/c/32407/f/463925/s/27d24431/l/0L0Sheise0Bde0Cmeldung0CMegas0Eerster0EKrypto0EFauxpas0E1790A1370Bhtml0Cfrom0Crss0A9/story01.htm


DNS attacks increase by 170%

"Radware identified a number of new attack methods representative of today's increasingly sophisticated and severe DDoS threat. Their latest report highlights server-based botnets and encrypted layer attacks as just two of the new attack tools challenging organizations during DDoS attacks. While security organizations have focused their efforts and attention on the pre and post-phases of defense, attackers now launch prolonged attacks that last days or weeks...."

http://www.net-security.org/secworld.php?id=14285


Most exploit kits originated in Russia, say researchers

"58 percent of the vulnerabilities targeted by the most popular exploit kits in Q4 were more than two years old and 70 percent of exploit kits reviewed were released or developed in Russia, reveals Solutionary SERT's Q4 2012 Quarterly Research Report. In reviewing 26 commonly used exploit kits, SERT identified exploit code dating as far back as 2004, serving as evidence that old vulnerabilities continue to prove fruitful for cyber criminals. The fact that 58 percent of the vulnerabilities

http://www.net-security.org/secworld.php?id=14286


Most US banks were DDoSed last year - survey

One in 10 banking IT bods say budget constraints an issue

Nearly two-thirds of retail banks experienced at least one distributed denial of service (DDoS) attack in the past year, according to a new survey.

http://go.theregister.com/feed/www.theregister.co.uk/2013/01/24/ddos_survey_banks/


Malware - USA is botnet location number one

More zombie computer networks than in China and Russia combined.

http://derstandard.at/1358304537265/USA-sind-Botnet-Standort-Nummer-Eins


Spammers discover WhatsApp

Spammers currently appear to be increasingly abusing the popular messaging service WhatsApp as a transport medium for their dubious advertising messages.

http://www.heise.de/meldung/Spammer-entdecken-WhatsApp-1790526.html/from/atom10


New Trojan fakes search results

January 15, 2013 Russian anti-virus company Doctor Web is warning users about a malicious program dubbed BackDoor.Finder which fakes search result pages and redirects browsers to bogus websites. When launched in an infected system, BackDoor.Finder creates a copy of itself in the current user's %APPDATA% folder and makes corresponding changes in the branch of the Windows registry responsible for application startup. After that this malware injects its code into all running processes. If it

http://news.drweb.com/show/?i=3218&lng=en&c=9


Backdoors Found in Barracuda Networks Gear

A broad variety of the latest firewall, spam filter and VPN appliances sold by Campbell, Calif. based Barracuda Networks Inc. contain undocumented backdoor accounts, the company disclosed today. Worse still, while the backdoor accounts are apparently set up so that they would only be accessible from Internet addresses assigned to Barracuda, they are in fact accessible to potentially hundreds of other companies and network owners.

http://feedproxy.google.com/~r/KrebsOnSecurity/~3/OyYLL3kGjlo/


Update problems with Microsoft's free virus scanner

On some systems, Microsoft Security Essentials has not been updating its signatures on its own for several days. The remedy is to install a signature package manually.

http://rss.feedsportal.com/c/32407/f/463925/s/27dc0058/l/0L0Sheise0Bde0Cmeldung0CUpdate0EProbleme0Emit0EMicrosofts0EGratis0EVirenscanner0E1790A9260Bhtml0Cfrom0Crss0A9/story01.htm