Daily Summary - Friday 29-11-2013

End-of-Shift report

Timeframe: Thursday 28-11-2013 18:00 − Friday 29-11-2013 18:00
Handler: Stephan Richter
Co-Handler: n/a

Stealing Credit Cards - A WordPress and vBulletin Hack

What better way to celebrate Thanksgiving than to share an interesting case that involves two of the most popular CMS applications out there - vBulletin and WordPress. Here is a real case that we just worked on this week, involving an attacker dead set on stealing credit card information. Enjoy! The Environment The client runs...

http://blog.sucuri.net/2013/11/stealing-credit-cards-a-wordpress-and-vbulletin-hack.html


JPEG Files Used For Targeted Attack Malware

We recently came across some malware of the SOGOMOT and MIRYAGO families that update themselves in an unusual way: they download JPEG files that contain encrypted configuration files/binaries. Not only that, we believe that this activity has been ongoing since at least the middle of 2010. A notable detail of the malware we came across...

http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/l94pQWbJ28g/


Security Bulletin: IBM BladeCenter Advanced Management Module Account Information Exposure (CVE-2013-6718)

An interface on the IBM BladeCenter Advanced Management Module (AMM) may expose user account names and passwords that have been configured on that AMM.

CVE(s): CVE-2013-6718

Affected product(s) and affected version(s): These IBM BladeCenter Advanced Management Module Firmware versions are affected:
v3.64B (BPET64B, BBET64B, and BPEO64B)
v3.64C (BPET64C, BBET64C, and BPEO64C)
v3.64G (BPET64G, BBET64G, and BPEO64G)

This applies to the following hardware products: BladeCenter

https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_bladecenter_advanced_management_module_account_information_exposure_cve_2013_6718?lang=en_us


Google Android com.android.settings Lets Local Applications Remove Device Locks

http://www.securitytracker.com/id/1029410


Cisco IOS XR SNMP Memory Leak Lets Remote Users Deny Service

http://www.securitytracker.com/id/1029408


Cisco IOS XE MPLS Processing Flaw Lets Remote Users Deny Service

http://www.securitytracker.com/id/1029407


Joomla! All Video Share Component "avssearch" SQL Injection Vulnerability

https://secunia.com/advisories/55888


FFmpeg Multiple Vulnerabilities

https://secunia.com/advisories/55802


WordPress Highlight - Powerful Premium Theme Arbitrary File Upload Vulnerability

https://secunia.com/advisories/55671


WordPress Store Locator Plugin Cross-Site Request Forgery Vulnerability

https://secunia.com/advisories/55276