End-of-Shift report
Timeframe: Montag 04-11-2013 18:00 − Dienstag 05-11-2013 18:00
Handler: Stephan Richter
Co-Handler: n/a
Switzerland to set up Swiss cloud free of NSA, GCHQ snooping (it hopes)
Gnomes of Zurich want spook-immune system Swisscom, the Swiss telco thats majority owned by its government, will set up a "Swiss cloud" hosted entirely in the land of cuckoo clocks and fine chocolate - and try to make the service impervious to malware and uninvited spooks.
http://go.theregister.com/feed/www.theregister.co.uk/2013/11/04/switzerland_to_set_up_swiss_cloud_free_of_nsa_snooping/
Is your vacuum cleaner sending spam?, (Tue, Nov 5th)
Past week, a story in a Saint Petersburg (the icy one, not the beach) newspaper caught quite some attention, and was picked up by The Register [1]. The story claimed that appliances like tea kettles, vacuum cleaners and iron(y|ing) irons shipped from China and sold in Russia were discovered to contain rogue, WiFi enabled chip sets. As soon as power was applied, the vacuum cleaner began trolling for open WiFi access points, and if it found one, it would hook up to a spam relay and start ...
http://isc.sans.edu/diary.html?storyid=16958
When attackers use your DNS to check for the sites you are visiting, (Mon, Nov 4th)
Nowadays, attackers are definitely interested in checking what sites you are visiting. Depending on that information, they can setup attacks like the following: Phising websites and e-mail scams targeted to specific people so they leave their private information. Network spoofing with tools like dsniff, where attackers can tell computers that the sites they want to visit are located somewhere else, therefore enabling them to interact with victims posing like the original site.
http://isc.sans.edu/diary.html?storyid=16955
Manifest: Bei XMPP/Jabber soll Verschlüsselung zur Pflicht werden
Entwickler und Betreiber von XMPP-/Jabber-Software und -Diensten, darunter auch der Jabber-Erfinder Jeremie Miller, wollen es zur Pflicht machen, die Kommunikation über XMPP in Zukunft zu verschlüsseln.
http://www.golem.de/news/manifest-bei-xmpp-jabber-soll-verschluesselung-zur-pflicht-werden-1311-102553-rss.html
Biggest Risks in IPv6 Security Today
Although IPv6 packets have started to flow, network engineers still tread lightly because of lingering security concerns. Here are the top six security risks in IPv6 network security today as voted by gogoNET members, a community of 95,000 network professionals.
http://www.cio.com/article/742652/Biggest_Risks_in_IPv6_Security_Today
WhatsApp-Backup speichert Klartext bei Apple
Die eingebaute Backup-Funktion des beliebten Messaging-Programms speichert auf dem iPhone alle Texte und Bilder bei Apples iCloud - und zwar völlig unverschlüsselt.
http://www.heise.de/security/meldung/WhatsApp-Backup-speichert-Klartext-bei-Apple-2037496.html
Cisco Security Notices
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5548
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5551
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5555
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5559
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5561
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5562
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5564
Vuln: Cisco Prime Central for Hosted Collaboration Solution CVE-2013-5564 Denial of Service Vulnerability
Cisco Prime Central for Hosted Collaboration Solution CVE-2013-5564 Denial of Service Vulnerability
http://www.securityfocus.com/bid/63490
Bugtraq: ESA-2013-070: EMC Documentum Cross Site Scripting Vulnerability.
http://www.securityfocus.com/archive/1/529620
Bugtraq: ESA-2013-073: EMC Documentum eRoom Multiple Cross Site Scripting Vulnerabilities.
http://www.securityfocus.com/archive/1/529621
VU#436214: Attachmate Verastream Host Integrator Vulnerable to Arbitrary File Uploads
Vulnerability Note VU#436214 Attachmate Verastream Host Integrator Vulnerable to Arbitrary File Uploads Original Release date: 04 Nov 2013 | Last revised: 04 Nov 2013 Overview The Attachmate Verastream Host Integrator (VHI) is vulnerable to arbitrary file uploads.
http://www.kb.cert.org/vuls/id/436214
GitLab Remote code execution vulnerability in the code search feature
Topic: GitLab Remote code execution vulnerability in the code search feature Risk: High Text:Remote code execution vulnerability in the code search feature of GitLab There is a remote code execution vulnerability in t...
http://cxsecurity.com/issue/WLB-2013110026
GitLab Remote code execution vulnerability in the SSH key upload
Topic: GitLab Remote code execution vulnerability in the SSH key upload Risk: High Text:# Remote code execution vulnerability in the SSH key upload feature of GitLab There is a remote code execution vulnerability...
http://cxsecurity.com/issue/WLB-2013110025