End-of-Shift report
Timeframe: Friday 08-03-2013 18:00 − Monday 11-03-2013 18:00
Handler: Matthias Fraidl
Co-Handler: L. Aaron Kaplan
Yahoo! webmail! hijacks! are! back!...
Didn't! they! fix! that?! Yahoo! has blamed cross-site scripting security bugs, which it claims to have squashed, for a recent upsurge in webmail account takeovers.
http://go.theregister.com/feed/www.theregister.co.uk/2013/03/08/yahoo_webmail_hijack_flare_on/
Pwn2Own ends with all attackers winning
"The Pwn2Own competition at CanSecWest has come to an end with the second day being like the first day. No web browser plugin survived being attacked and Adobe Flash, Adobe Reader XI and Java were all successfully hacked. Vupen security, who had demonstrated exploits of Internet Explorer 10, Firefox and Java on day one, returned with an exploit for Adobe Flash...."
http://www.h-online.com/open/news/item/Pwn2Own-ends-with-all-attackers-winning-1819164.html
DNS Hijack Leads To Bitcoin Heist
First time accepted submitter FearTheFez writes "Social Engineering and poor DNS Security lead to a Bitcoin heist worth about $12000. Bitcoin broker Bitinstant was robbed after thieves managed to take over ownership of their domains. While Bitinstant claims that no customers lost any money, without 2 factor authentication all it took was a place of birth and a mother's maiden name to gain access. This looks like poor security from everyone involved."
http://rss.slashdot.org/~r/Slashdot/slashdot/~3/_Jp5n8Dt8jA/story01.htm
Trend Micro Examines Asprox Botnet
"TrendLabs recently published a research paper providing a detailed look at the Asprox botnet, which delivers malware via spam e-mails that claim to come from package delivery companies like FedEx, DHL, and the U.S. Postal Service. "While Asprox has only been mentioned sporadically in the past few years, other spam campaigns with similar tactics as well as fake ticket scams using well-known airlines like Delta and American Airlines have received significant attention,"
http://www.esecurityplanet.com/malware/trend-micro-examines-asprox-botnet.html
Raspberry Pi Hit by Cyber Attack (DDoS)
It's sad to see the Raspberry Pi Foundation, a charity with a good cause at its heart, has been the focus of a vicious attack. This stunt goes to highlight the unfortunate fact that any organisation, of any size and nature, is vulnerable.
http://www.esecurityplanet.com/network-security/raspberry-pi-hit-by-cyber-attack.html
ICS-CERT sums up 2012 cyber security response activities
"The Industrial Control System Cyber Emergency Response Team (ICS-CERT) issued on March 7 a report on its activities in 2012. ICS-CERT provides Cyber security evaluations to support the reliability and resiliency of the systems that comprise and interconnect critical infrastructures. It develops and implements coordinated security measures in collaboration with partners from across public, private and international communities...."
http://www.gsnmagazine.com/node/28699?c=cyber_security
SmartTV as a room spy
A security researcher manipulated Samsung SmartTVs so that he could use their webcam for room surveillance while the television was apparently switched off.
http://rss.feedsportal.com/c/32407/f/463925/s/296010ec/l/0L0Sheise0Bde0Csecurity0Cmeldung0CZimmerspion0ESmartTV0E18198230Bhtml0Cfrom0Crss0A9/story01.htm
Think your internet password is safe? Think again...
"Are you one of those naive types who believes that choosing the name of your first pet as an internet password is going to protect you from hacking and fraud? Be very, very afraid, warns Memphis Barker, who has discovered some deeply unsettling facts about the increasing sophistication of data breaches...."
http://www.independent.co.uk/life-style/gadgets-and-tech/features/think-your-internet-password-is-safe-think-again-8523105.html
Debian Security Advisory DSA-2642 sudo
several issues
http://www.debian.org/security/2013/dsa-2642
Apple closes critical hole in App Store
A security vulnerability that enabled attacks on iOS devices has now finally been closed. The problem had already been reported more than half a year ago by a Google security researcher. However, it has only now been made public.
http://futurezone.at/digitallife/14564-apple-schliesst-kritische-luecke-in-app-store.php?rss=fuzo
WordPress plugins vulnerable to CVE-2013-1808
Topic: WordPress plugins vulnerable to CVE-2013-1808 Risk: Low Text: I tested WordPress plugins to see which are vulnerable to CVE-2013-1808, because original founder of this vulnerability did not...
http://feedproxy.google.com/~r/securityalert_database/~3/qEk7pVSgvcw/WLB-2013030077
Customer data of the German Avast distributor on the net
Anyone who bought antivirus software via Avast.de has a problem: the data of more than 16,000 customers is apparently circulating on the net, including payment information and password hashes.
http://rss.feedsportal.com/c/32407/f/463925/s/29698122/l/0L0Sheise0Bde0Csecurity0Cmeldung0CKundendaten0Edes0Edeutschen0EAvast0EDistributors0Eim0ENetz0E1820A0A0A70Bhtml0Cfrom0Crss0A9/story01.htm
Vuln: Perl CVE-2013-1667 Input Rehashing Denial of Service Vulnerability
Perl CVE-2013-1667 Input Rehashing Denial of Service Vulnerability
http://www.securityfocus.com/bid/58311
Miniduke: web based infection vector
Together with our partner CrySyS Lab, we've discovered two new, previously-unknown infection mechanisms for Miniduke. These new infection vectors rely on Java and IE vulnerabilities to infect the victim's PC.
http://www.securelist.com/en/blog/208194159/Miniduke_web_based_infection_vector
Help Keep Threats at Bay With 'Click-to-Play'
Muzzling buggy and insecure Web browser plugins like Java and Flash goes a long way toward blocking attacks from drive-by downloads and hacked or malicious Web sites. But leaving them entirely unplugged from the browser is not always practical, particularly with Flash, which is used on a majority of sites. Fortunately, there is a relatively simple and effective alternative: Click-to-Play.
http://feedproxy.google.com/~r/KrebsOnSecurity/~3/fXtHr18Ampk/
Bugtraq: Privoxy Proxy Authentication Credential Exposure - CVE-2013-2503
Privoxy Proxy Authentication Credential Exposure - CVE-2013-2503
http://www.securityfocus.com/archive/1/525958