Daily Summary - Wednesday 27-02-2013

End-of-Shift report

Timeframe: Tuesday 26-02-2013 18:00 − Wednesday 27-02-2013 18:00 Handler: Matthias Fraidl Co-Handler: L. Aaron Kaplan

Ichitaro zero-day Vulnerability exploited in the wild, targets Japan users

"JustSystems Corporation, the developer of one of the top Japanese word processors, Ichitaro, announced that an arbitrary code execution vulnerability in Ichitaro is being exploited in the wild. When a user opens a malicious document that exploits this vulnerability, the malware will be dropped on the victim's machine. The malware can delete your data, warns JustSystems...."

http://www.ehackingnews.com/2013/02/ichitaro-zero-day-vulnerability.html


Certified online banking trojan in the wild

"Jean-Ian Boutin, who works for AV firm Eset, has discovered trojans that carry a valid digital signature. This potentially allows online banking spyware to pass superficial tests as harmless. Apparently, the certificate in question was issued by the DigiCert Certificate Authority to a company that ceased to exist a long time ago...."

http://www.h-online.com/security/news/item/Certified-online-banking-trojan-in-the-wild-1808898.html


DSA-2632 linux-2.6

privilege escalation/denial of service

http://www.debian.org/security/2013/dsa-2632


The email gaffe - how to control the damage

""It sended!" says a distraught Gloria on TV comedy Modern Family. "Please come back." It's a familiar phrase said all too often in the tech era, where email gaffes happen every day. Take for example the story of the British bride-to-be who was humiliated after the hotel where she planned to hold her wedding described her and her fiance in an email as not "the right type of people" to stay there...."

http://www.smh.com.au/digital-life/hometech/the-email-gaffe--how-to-control-the-damage-20130227-2f50n.html


Yet another emergency update for Flash Player

The Flash plugin is being updated for the third time this month. Revision 11.6.602.171 is intended to close two holes that, according to Adobe, are already being actively exploited.

http://rss.feedsportal.com/c/32407/f/463925/s/28ffb58c/l/0L0Sheise0Bde0Csecurity0Cmeldung0CSchon0Ewieder0ENotfall0EUpdate0Efuer0EFlash0EPlayer0E18119960Bhtml0Cfrom0Crss0A9/story01.htm


Microsoft delivers final version of IE 10 for Windows 7

"Microsoft released to the Web the final (non-test) build of Internet Explorer 10 for Windows 7 on February 26. As of today, Microsoft is making the final bits available for download from its IE site in 95 languages. (If that link doesn't work, try this one from the Microsoft Download Center.) Microsoft plans to begin auto-updating customers with Windows 7 Service Pack 1 and/or Windows Server 2008 R2 and higher with the IE10 "in the weeks ahead," officials said...."

http://www.zdnet.com/microsoft-delivers-final-version-of-ie-10-for-windows-7-7000011849/?s_cid=e064


Encryption no longer seen as just an IT issue

"There has been a steady increase in the deployment of encryption solutions used by organizations over the past eight years. The percentage of overall IT security spending dedicated to encryption has also increased, almost doubling from 10% to 18%, demonstrating that organizations are prioritizing encryption over other security technologies, say the results of Thales Global Encryption Trends Study, released at RSA Conference 2013 in San Francisco. More than 4,000 business and IT managers

http://www.net-security.org/secworld.php?id=14493


The Real Story of Stuxnet

How Kaspersky Lab tracked down the malware that stymied Iran's nuclear-fuel enrichment program

http://beta.spectrum.ieee.org/telecom/security/the-real-story-of-stuxnet


Google locks out hacking spammers

Additional security measures are said to have significantly curbed the abuse of legitimate Google accounts.

http://rss.feedsportal.com/c/32407/f/463925/s/290553b0/l/0L0Sheise0Bde0Csecurity0Cmeldung0CGoogle0Esperrt0Ehackende0ESpammer0Eaus0E18126550Bhtml0Cfrom0Crss0A9/story01.htm


Cisco Unified Communications Manager Multiple Denial of Service Vulnerabilities

Cisco Unified Communications Manager contains two vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. Exploitation of these vulnerabilities could cause an interruption of voice services. Cisco has released free software updates that address these vulnerabilities. This advisory is available at the following

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130227-cucm?vs_f=Cisco Security Advisory&vs_cat=Security Intelligence&vs_type=RSS&vs_p=Cisco Unified Communications Manager Multiple Denial of Service Vulnerabilities&vs_

Helping ISPs defend customers against bot infections

"At RSA Conference 2013 Kindsight announced the Kindsight Botnet Security service to help Internet service providers detect botnet activity in the network and protect subscribers against bot infections. The solution is embedded within the service provider's networks to analyze Internet traffic for communications between infected devices and the bot master's command-and-control (C&C) servers...."

http://www.net-security.org/secworld.php?id=14506