End-of-Shift report
Timeframe: Mittwoch 20-02-2013 18:00 − Donnerstag 21-02-2013 18:00
Handler: Stephan Richter
Co-Handler: Christian Wojner
SANS SCADA Summit at Orlando - Bigger problems and so far from getting them solved, (Wed, Feb 20th)
7 days ago finished the eight version of the SANS SCADA Summit at Orlando. Conferences were really great and it was a great opportunity to see that I am not the only CISO that is having trouble developing and implementing an information security program to the ICS world of the company. The most important conclusions obtained back there are: Operators and professionals from the industrial world does only care about the process: they want it efficient, reliable, available all the time and...
http://isc.sans.edu/diary.html?storyid=15160&rss
Vuln: Jenkins Cross-Site Scripting, Security Bypass, and Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/57994
Vuln: Drupal Core Image Derivatives Denial of Service Vulnerability
http://www.securityfocus.com/bid/58069
Vuln: Drupal Ubercart Views and Ubercart Modules full name field HTML Injection Vulnerability
http://www.securityfocus.com/bid/58065
Vuln: Drupal Menu Reference Module HTML Injection Vulnerability
http://www.securityfocus.com/bid/58067
Vuln: Drupal Banckle Chat Module Access Bypass Vulnerability
http://www.securityfocus.com/bid/57942
Bugtraq: [CVE-2013-1636]Wordpress pretty-link plugin XSS in SWF
http://www.securityfocus.com/archive/1/525758