Daily Summary - Friday 8-03-2013

End-of-Shift report

Timeframe: Thursday 07-03-2013 18:00 − Friday 08-03-2013 18:00
Handler: Stephan Richter
Co-Handler: Otmar Lendl

Advance Notification for March 2013 - Version: 1.0

http://technet.microsoft.com/en-us/security/bulletin/ms13-mar


IPv6 Focus Month: Barriers to Implementing IPv6, (Thu, Mar 7th)

I've been trying for a few months now to get my lab running IPv6 natively, with mixed success. What's standing in my way you ask? A couple of things, which in turn have further implications:...

http://isc.sans.edu/diary.html?storyid=15361&rss


IPv6 Focus Month: Filtering ICMPv6 at the Border, (Fri, Mar 8th)

Paulgear1 asked on twitter: help on interpreting RFC4890. I still haven't turned on IPv6 because I'm not confident in my firewall. First of all, what is RFC4890 all about [1]? The RFC is considered informational, not a standard. Usual guidance for IPv4 is to not block ICMP error messages, but one can get away with blocking all ICMP messages. The situation is a bit different when it comes to ICMPv6...

http://isc.sans.edu/diary.html?storyid=15367&rss


Bugtraq: [security bulletin] HPSBGN02854 SSRT100881 rev.1 - HP Intelligent Management Center (iMC), iMC TACACS+ Authentication Manager (TAM), and iMC User Access Manager (UAM), Cross Site Scripting (XSS), Remote Code Execution, Remote Disclosure of

http://www.securityfocus.com/archive/1/525928


More Info on Recent ICS-CERT Advisories

"ICS-CERT has been busy this week. They updated an alert on Tuesday and issued two advisories yesterday. In two of those three actions there were some interesting questions raised about some of the information provided, or not provided in their documents...."

http://chemical-facility-security-news.blogspot.in/2013/03/more-info-on-recent-ics-cert-advisories_1595.html


What ICS-CERT Is and Isn't

"When ICS-CERT was created I expected a lot more. I expected analysis and insight from skilled ICS security experts. The reality is ICS-CERT is merely a coordinator of communication between vulnerability finders and the vendor...."

http://www.digitalbond.com/blog/2013/03/07/what-ics-cert-is-and-isnt/


Android accounted for 79% of all mobile malware in 2012

"A new study has found that Google's (GOOG) mobile operating system is targeted by hackers far more than any other mobile platform. Security firm F-Secure found that Android accounted for 79% of all mobile malware in 2012, an increase from 66.7% in 2011 and 11...."

http://bgr.com/2013/03/07/android-malware-2012-362787/


Vuln: CoDeSys Gateway Server Multiple Security Vulnerabilities

http://www.securityfocus.com/bid/58032


Pwn2Own: IE10, Firefox, Chrome, Reader, Java hacks land $500k

Google's Chrome OS withstands attack in security contest

It's back to the drawing board for coders at Microsoft, Google, Adobe, Mozilla, and Oracle after entrants in the annual Pwn2Own contest waltzed off with over half a million dollars in prizes for exploiting security holes in popular software...

http://go.theregister.com/feed/www.theregister.co.uk/2013/03/08/pwn2own_contest_cansecwest/


Bugtraq: SEC Consult SA-20130308-0 :: Multiple critical vulnerabilities in GroundWork Monitor Enterprise (part 1)

http://www.securityfocus.com/archive/1/525938


Bugtraq: SEC Consult SA-20130308-1 :: Multiple vulnerabilities in GroundWork Monitor Enterprise (part 2)

http://www.securityfocus.com/archive/1/525941


Leaked: The secret OAuth app keys to Twitter's VIP lounge

Rogue apps could pose as micro-blogging site's Very Important Programs

Twitter's private OAuth login keys, used by the website's official applications to get preferential treatment from the micro-blogging site, have apparently been leaked. The secret credentials could now allow any software to masquerade as an approved Twitter client...

http://go.theregister.com/feed/www.theregister.co.uk/2013/03/08/twitter_oauth_leaked_keys/


Heads-Up - Citadel Command and Control Domains

"We have detected new Citadel malware activity, again coming from within large, some Dutch, organizations. These Citadel Trojans are not part of the Pobelka botnet (Dutch) that we discovered last year on September 7, 2012. From the data we have gathered so far, we believe this new campaign is running since late November 2012...."

http://www.surfright.nl/en/citadel