Daily Summary - Wednesday 13-03-2013

End-of-Shift report

Timeframe: Tuesday 12-03-2013 18:00 − Wednesday 13-03-2013 18:00 Handler: Stephan Richter Co-Handler: L. Aaron Kaplan

MS13-026 - Important : Vulnerability in Office Outlook for Mac Could Allow Information Disclosure (2813682) - Version: 1.0

http://technet.microsoft.com/en-us/security/bulletin/ms13-026


MS13-003 - Important : Vulnerabilities in System Center Operations Manager Could Allow Elevation of Privilege (2748552) - Version: 2.0

http://technet.microsoft.com/en-us/security/bulletin/ms13-003


Flash: Give us this day our monthly patch

Adobe is once again releasing security updates for Flash Player, this time for once not out of band. One significant vulnerability remains unpatched, however.

http://rss.feedsportal.com/c/32407/f/463925/s/297e24e3/l/0L0Sheise0Bde0Csecurity0Cmeldung0CFlash0EUnseren0Emonatlichen0EPatch0Egib0Euns0Eheute0E18217560Bhtml0Cfrom0Crss0A9/story01.htm


ASUS RT-N66U multiple vulns

Topic: ASUS RT-N66U multiple vulns Risk: Medium Text: Vulnerable product: ASUS RT-N66U Vulnerabilities: - Linux 2.6.22.19 - Old libraries and executables Interesting vulnerabili...

http://feedproxy.google.com/~r/securityalert_database/~3/o7EbpwGc_yk/WLB-2013030099


Google rolls out initiative to help hacked sites

"With its new informational series, the Web giant aims to answer questions about why a site was hacked, what malware may have been used, and how to wipe the site clean of bugs. It's not pretty when a Web site gets a "this site may be compromised" or "this site may harm your computer" status note. Many webmasters and Web site owners can be at a loss of what to do in these situations...."

http://news.cnet.com/8301-1023_3-57573986-93/google-rolls-out-initiative-to-help-hacked-sites/


Security Linux Kali succeeds BackTrack

With a new selection of tools and a modern Linux base, Kali leaves BackTrack's legacy baggage behind. The distribution for pentesters, admins and forensic analysts is available for download now.

http://rss.feedsportal.com/c/32407/f/463925/s/2983f19a/l/0L0Sheise0Bde0Csecurity0Cmeldung0CSecurity0ELinux0EKali0Etritt0ENachfolge0Evon0EBackTrack0Ean0E18217520Bhtml0Cfrom0Crss0A9/story01.htm


Security agency tells Europe to find alternative to risky email

"European governments and businesses should investigate alternative communication channels to e-mail in the longer term after a string of alarming attacks, the EU's cyber security agency warned today (13 March) in a special alert. The European Network and Information Security Agency (ENISA) issued the so-called Flash Note in the wake of recent major cyber-attacks, calling for Europe's businesses and governments to take urgent action to combat emerging cyber-attack trends. The report cites...

http://www.euractiv.com/infosociety/security-agency-tells-europe-fin-news-518449


Exploit Kit Distribution in the Wild

Have you ever wondered which exploit kits are the most prevalent? We have been tracking several exploit kits that we have identified these past few months and it's interesting to see which gets the biggest chunk of the pie: 56% of the coverage is owned by only three exploit kits: Blackhole, Sweet Orange, and Cool. Blackhole, a kit that has been around for almost three years, is still keeping a strong presence at no. 1 with 27% of the exploit kit coverage. Followed by Sweet Orange with 18% and Cool...

http://www.f-secure.com/weblog/archives/00002522.html


(IN)SECURE Magazine Issue 37 released

"(IN)SECURE Magazine is a freely available digital security magazine discussing some of the hottest information security topics. Issue #37 has just been released - download the magazine! The articles in this issue include: Becoming a malware analyst; Review: Nipper Studio; Five questions for Microsoft's Chief Privacy Officer; Application security testing for AJAX and JSON; Penetrating and achieving persistence in highly secured networks; Report: RSA Conference 2013; Social engineering: An underestimated...

http://www.net-security.org/insecuremag.php


Wipe the drive! Stealthy Malware Persistence Mechanism - Part 1, (Wed, Mar 13th)

At Shmoocon 2013 Jake Williams (@MalwareJake) and I gave a presentation entitled Wipe the Drive. The point of the presentation was that you should always wipe the drive and reinstall the OS after a confirmed malware infection. We all know wiping the drive is the safest move but there are business pressures to simply remove the known malware and move on. Also, because we are security professionals there is often an expectation that we are able to remove all the malware. But, in my and Jake's...

http://isc.sans.edu/diary.html?storyid=15394&rss


Bugtraq: Open-Xchange Security Advisory 2013-03-13

http://www.securityfocus.com/archive/1/525979


Bugtraq: SEC Consult SA-20130313-0 :: QlikView Desktop Client Integer Overflow

http://www.securityfocus.com/archive/1/525980


Issue with SWFUploader Could Lead to XSS Vulnerabilities, Content Spoofing

Many versions of SWFUpload – an applet that combines Flash and JavaScript that’s used in millions of websites, including WordPress sites – are vulnerable to content spoofing and a cross-site scripting vulnerability that could lead to the takeover of accounts, according to reports this week.

https://threatpost.com/en_us/blogs/issue-swfuploader-could-lead-xss-vulnerabilities-content-spoofing-031213