Daily Summary - Friday 15-03-2013

End-of-Shift report

Timeframe: Thursday 14-03-2013 18:00 − Friday 15-03-2013 18:00 Handler: Matthias Fraidl Co-Handler: L. Aaron Kaplan

Vulnerability Summary for the Week of March 4, 2013

"The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains

http://www.us-cert.gov/ncas/bulletins/SB13-070


Debian Security Advisory DSA-2644 wireshark

several vulnerabilities

http://www.debian.org/security/2013/dsa-2644


Open-Xchange Server 6 - Multiple Vulnerabilities

Open-Xchange Server 6 - Multiple Vulnerabilities

http://www.exploit-db.com/exploits/24791


Mac OS X 10.8.3 is available

Apple had been testing the next version of Mountain Lion among developers since November; the download is now available to the general public. A security update package is also available for Snow Leopard and Lion.

http://www.heise.de/security/meldung/Mac-OS-X-10-8-3-steht-bereit-1823278.html


You've Been Hacked, But For How Long?

One of the big themes at the recent RSA Conference was awareness of threats already inside the network. The way you learn about these threats and lower your 'Mean Time To Know' (MTTW) about an intrusion is with profile-based network monitoring.

http://www.darkreading.com/blog/240150779/you-ve-been-hacked-but-for-how-long.html


Security appliances are riddled with serious vulnerabilities, researcher says

The majority of email and Web gateways, firewalls, remote access servers, UTM (unified threat management) systems and other security appliances have serious vulnerabilities, according to a security researcher who analyzed products from multiple vendors.

http://www.techworld.com.au/article/456433/security_appliances_riddled_serious_vulnerabilities_researcher_says/


Trend Micro dupes wannabe hackers with honeypot scam

"Security firm Trend Micro has duped hackers into attacking fake industrial control systems (ICS), collecting invaluable data on their attack methods and goals and revealing surprising insights on the UK's hacking scene. The research was revealed at Blackhat Europe 2013 in Amsterdam on Friday and is the result of a collaborative project between Trend Micro and Scada security researcher Kyle Wilhoit.

http://www.v3.co.uk/v3-uk/news/2254867/trend-micro-dupes-wannabe-hackers-with-honeypot-scam


Huawei UMTS sticks endanger users' security

A Russian hacker has examined the driver software of Huawei's UMTS sticks. The result: numerous vulnerabilities that make it easy for attackers to infect the computers of stick users. A mass infection is also conceivable.

http://www.heise.de/security/meldung/UMTS-Sticks-von-Huawei-gefaehrden-Sicherheit-der-Nutzer-1823629.html


The enemy in my dock

There is still plenty of room inside Dell notebook docks. A security researcher has fitted a mini PC into one that spies on the network traffic, audio and video signals, and USB data traffic of the docked notebook.

http://www.heise.de/security/meldung/Der-Feind-in-meinem-Dock-1823723.html


Highlights from BlackHat Europe 2013 in Amsterdam

Every year as Europe wakes up from the cold winter to the warm days of spring, BlackHat traditionally descends to Amsterdam. This year's conference is taking place on March 14-15 at the NH Grand Hotel Krasnapolsky, right on Dam Square, the heart of Amsterdam. As spring doesn't necessarily equal warm days here in Europe right now, the 500 or so BlackHat participants hit the conference rooms to attend quite a few interesting talks. Here's a summary of the best talks at BlackHat Europe

http://www.securelist.com/en/blog/208194175/Highlights_from_BlackHat_Europe_2013_in_Amsterdam


TeamViewer authentication protocol

When a coworker recently gave me access to his system he recommended I use TeamViewer. TeamViewer is a free tool that is used to set up and use a VPN connection as well as allowing the user to remotely take control of another person's computer from their system. Given that it was my first time using this software, I decided to take a peek at the traffic.

http://blog.accuvantlabs.com/blog/bthomas/teamviewer-authentication-protocol


Seagate blog compromised, leads to Blackhole and malware

A blog of well-known hard disk drive manufacturer Seagate has been compromised to contain malicious iFrame injections that redirect users to websites hosting the Blackhole exploit kit, warns Sophos.

http://www.net-security.org/malware_news.php?id=2440