Daily Summary - Monday 11-03-2013

End-of-Shift report

Timeframe: Friday 08-03-2013 18:00 − Monday 11-03-2013 18:00 Handler: Matthias Fraidl Co-Handler: L. Aaron Kaplan

Yahoo! webmail! hijacks! are! back!...

Didn't! they! fix! that?! Yahoo! has blamed cross-site scripting security bugs, which it claims to have squashed, for a recent upsurge in webmail account takeovers.

http://go.theregister.com/feed/www.theregister.co.uk/2013/03/08/yahoo_webmail_hijack_flare_on/


Pwn2Own ends with all attackers winning

"The Pwn2Own competition at CanSecWest has come to an end with the second day being like the first day. No web browser plugin survived being attacked and Adobe Flash, Adobe Reader XI and Java were all successfully hacked. Vupen security, who had demonstrated exploits of Internet Explorer 10, Firefox and Java on day one, returned with an exploit for Adobe Flash...."

http://www.h-online.com/open/news/item/Pwn2Own-ends-with-all-attackers-winning-1819164.html


DNS Hijack Leads To Bitcoin Heist

First time accepted submitter FearTheFez writes "Social Engineering and poor DNS Security lead to a Bitcoin heist worth about $12000. Bitcoin broker Bitinstant was robbed after thieves managed to take over ownership of their domains. While Bitinstant claims that no customers lost any money, without 2 factor authentication all it took was a place of birth and a mother's maiden name to gain access. This looks like poor security from everyone involved."

http://rss.slashdot.org/~r/Slashdot/slashdot/~3/_Jp5n8Dt8jA/story01.htm


Trend Micro Examines Asprox Botnet

"TrendLabs recently published a research paper providing a detailed look at the Asprox botnet, which delivers malware via spam e-mails that claim to come from package delivery companies like FedEx, DHL, and the U.S. Postal Service. "While Asprox has only been mentioned sporadically in the past few years, other spam campaigns with similar tactics as well as fake ticket scams using well-known airlines like Delta and American Airlines have received significant attention,"

http://www.esecurityplanet.com/malware/trend-micro-examines-asprox-botnet.html


Raspberry Pi Hit by Cyber Attack (DDoS)

It's sad to see the Raspberry Pi Foundation, a charity with a good cause at its heart, has been the focus of a vicious attack. This stunt goes to highlight the unfortunate fact that any organisation, of any size and nature, is vulnerable.

http://www.esecurityplanet.com/network-security/raspberry-pi-hit-by-cyber-attack.html


ICS-CERT sums up 2012 cyber security response activities

"The Industrial Control System Cyber Emergency Response Team (ICS-CERT) issued on March 7 a report on its activities in 2012. ICS-CERT provides Cyber security evaluations to support the reliability and resiliency of the systems that comprise and interconnect critical infrastructures. It develops and implements coordinated security measures in collaboration with partners from across public, private and international communities...."

http://www.gsnmagazine.com/node/28699?c=cyber_security


SmartTV as a room spy

A security researcher manipulated Samsung SmartTVs so that he could use their webcam for room surveillance while the television was apparently switched off.

http://rss.feedsportal.com/c/32407/f/463925/s/296010ec/l/0L0Sheise0Bde0Csecurity0Cmeldung0CZimmerspion0ESmartTV0E18198230Bhtml0Cfrom0Crss0A9/story01.htm


Think your internet password is safe? Think again...

"Are you one of those naive types who believes that choosing the name of your first pet as an internet password is going to protect you from hacking and fraud? Be very, very afraid, warns Memphis Barker, who has discovered some deeply unsettling facts about the increasing sophistication of data breaches...."

http://www.independent.co.uk/life-style/gadgets-and-tech/features/think-your-internet-password-is-safe-think-again-8523105.html


Debian Security Advisory DSA-2642 sudo

several issues

http://www.debian.org/security/2013/dsa-2642


Apple closes critical hole in App Store

A security vulnerability that enabled attacks on iOS devices has now finally been closed. The problem had been reported more than half a year ago by a Google security researcher. However, it was only made public now.

http://futurezone.at/digitallife/14564-apple-schliesst-kritische-luecke-in-app-store.php?rss=fuzo


WordPress plugins vulnerable to CVE-2013-1808

Topic: WordPress plugins vulnerable to CVE-2013-1808 Risk: Low Text: I tested WordPress plugins to see which are vulnerable to CVE-2013-1808, because original founder of this vulnerability did not...

http://feedproxy.google.com/~r/securityalert_database/~3/qEk7pVSgvcw/WLB-2013030077


Customer data of German Avast distributor on the net

Anyone who bought antivirus software via Avast.de has a problem: the data of more than 16,000 customers is apparently circulating on the net, including payment information and password hashes.

http://rss.feedsportal.com/c/32407/f/463925/s/29698122/l/0L0Sheise0Bde0Csecurity0Cmeldung0CKundendaten0Edes0Edeutschen0EAvast0EDistributors0Eim0ENetz0E1820A0A0A70Bhtml0Cfrom0Crss0A9/story01.htm


Vuln: Perl CVE-2013-1667 Input Rehashing Denial of Service Vulnerability

Perl CVE-2013-1667 Input Rehashing Denial of Service Vulnerability

http://www.securityfocus.com/bid/58311


Miniduke: web based infection vector

Together with our partner CrySyS Lab, we've discovered two new, previously-unknown infection mechanisms for Miniduke. These new infection vectors rely on Java and IE vulnerabilities to infect the victim's PC.

http://www.securelist.com/en/blog/208194159/Miniduke_web_based_infection_vector


Help Keep Threats at Bay With 'Click-to-Play'

Muzzling buggy and insecure Web browser plugins like Java and Flash goes a long way toward blocking attacks from drive-by downloads and hacked or malicious Web sites. But leaving them entirely unplugged from the browser is not always practical, particularly with Flash, which is used on a majority of sites. Fortunately, there is a relatively simple and effective alternative: Click-to-Play.

http://feedproxy.google.com/~r/KrebsOnSecurity/~3/fXtHr18Ampk/


Bugtraq: Privoxy Proxy Authentication Credential Exposure - CVE-2013-2503

Privoxy Proxy Authentication Credential Exposure - CVE-2013-2503

http://www.securityfocus.com/archive/1/525958