End-of-Shift report
Timeframe: Tuesday 15-10-2013 18:00 − Wednesday 16-10-2013 18:00
Handler: Matthias Fraidl
Co-Handler: n/a
ORACLE Critical Patch Update - October 2013
Critical Patch Update - October 2013
http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
** Follow-up **
Critical Java Update Plugs 51 Security Holes
Oracle has released a critical security update that fixes at least 51 security vulnerabilities in its Java software. Patches are available for Linux, Mac OS X, Solaris and Windows versions of the software.
http://krebsonsecurity.com/2013/10/java-update-plugs-51-security-holes/
Android encryption was "improved" for the worse
For several years, Android has apparently preferred encryption methods for Internet connections that are actually considered broken. The motivation behind this is unclear.
http://www.heise.de/security/meldung/Android-Verschluesselung-wurde-verschlimbessert-1979572.html
Google Fixes Three High-Risk Flaws in Chrome
There is a trio of high-risk security vulnerabilities in Google Chrome that have been patched in a new version of the browser released on Tuesday. The vulnerabilities all are use-after-free bugs, and Google paid a total of $5,000 in rewards to researchers who discovered and reported them.
http://threatpost.com/google-fixes-three-high-risk-flaws-in-chrome/102586
Registrar in Metasploit DNS Hijacking Not Duped by Fax
Rapid7 said today that an employee at its registrar, Register.com, was duped out of their credentials leading to a DNS hijacking attack against the Rapid7 and Metasploit websites.
http://threatpost.com/registrar-in-metasploit-dns-hijacking-not-duped-by-fax/102588
How Vulnerable Are Your Phishing Targets?
https://community.rapid7.com/community/metasploit/blog/2013/10/16/how-vulnerable-are-your-phishing-targets
ASLR Bypass Apocalypse in Lately Zero-Day Exploits
ASLR (Address Space Layout Randomization) is one of the most effective protection mechanisms in the modern operating system. However, there were many innovative ASLR bypass techniques used in recent APT attacks.
http://www.fireeye.com/blog/technical/cyber-exploits/2013/10/aslr-bypass-apocalypse-in-lately-zero-day-exploits.html
Vulnerabilities Discovered in Global Vessel Tracking Systems
Text by Marco Balduzzi and Kyle Wilhoit. Trend Micro researchers have discovered that flaws in the AIS vessel tracking system can allow attackers to hijack communications of existing vessels, create fake vessels, trigger false SOS or collision alerts and even permanently disable AIS tracking on any vessel.
http://blog.trendmicro.com/trendlabs-security-intelligence/vulnerabilities-discovered-in-global-vessel-tracking-systems/
Blog: Under Pressure
Any online project - be it a long-lost blog, or a new start-up's web app - has a very important performance feature called a "maximum load". This indicator makes itself known when a web app either partially or fully fails to perform its assigned functions to process user requests.
http://www.securelist.com/en/blog/8136/Under_Pressure
Yet another Bitcoin accepting E-shop offering access to thousands of hacked PCs spotted in the wild
The never-ending supply of access to compromised/hacked PCs - the direct result of the general availability of DIY/cracked/leaked malware/botnet generating tools - continues to grow in terms of the number and variety of such type of underground market propositions.
http://www.webroot.com/blog/2013/10/16/yet-another-bitcoin-accepting-e-shop-offering-access-thousands-hacked-pcs-spotted-wild/
Honeydroid: Android phone becomes a hacker trap
Experts at Deutsche Telekom are turning Android smartphones into mobile honeypots. In three months they were able to log more than 10,000 attacks on a single device in the mobile network.
http://www.heise.de/security/meldung/Honeydroid-Android-Handy-wird-zur-Hackerfalle-1980058.html
Convincing "Urgent Windows Error Fix" phishing email doing rounds
A pretty convincing email phishing campaign is targeting one of the largest user bases out there - those who use Microsoft's Windows OS - by taking advantage of the recent problems that the company has been having with updates.
http://www.net-security.org/secworld.php?id=15779
HP Service Manager Bugs Permit Cross-Site Scripting, Information Disclosure, and Code Injection Attacks
http://www.securitytracker.com/id/1029180
UbiDisk File Manager v2.0 iOS - Multiple Web Vulnerabilities
http://www.exploit-db.com/exploits/28977
Apple iOS 7.0.2 SIM Lock Screen Display Bypass
http://cxsecurity.com/issue/WLB-2013100103