End-of-Shift report
Timeframe: Donnerstag 28-03-2013 18:00 − Freitag 29-03-2013 18:00
Handler: Robert Waldner
Co-Handler: Stephan Richter
Sophos lädt ungefragt Datensammler nach
Der Antivirenhersteller will seinen Firmenkunden in Kürze ein "kleines Zusatztool" auf den Rechner laden, das Daten über das Nutzungsverhalten einsammelt uns Sophos schickt.
http://rss.feedsportal.com/c/32407/f/463925/s/2a1abd19/l/0L0Sheise0Bde0Csecurity0Cmeldung0CSophos0Elaedt0Eungefragt0EDatensammler0Enach0E18327230Bhtml0Cfrom0Crss0A9/story01.htm
Cash Claws, Fake Fascias & Tampered Tickets
Credit and debit card skimmers arent just for ATMs anymore. According to European anti-fraud experts, innovative skimming devices are being found on everything from train ticket kiosks to parking meters and a host of other unattended payment terminals.Related Posts:Beware Card- and Cash-Trapping at the ATMFun with ATM Skimmers, Part IIIATM Skimmers Get Wafer ThinCrooks Rock Audio-based ATM SkimmersAll-in-One Skimmers
http://feedproxy.google.com/~r/KrebsOnSecurity/~3/_aHaCD9zbGc/
-- John Bambenek bambenek \at\ gmail /dot/ com Bambenek Consulting (c) SANS Internet Storm Center.
http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
http://isc.sans.edu/diary.html?storyid=15502&rss
PayPal Sellers CMS Cross Site Scripting
Topic: PayPal Sellers CMS Cross Site Scripting Risk: Low Text:Title: Paypal Bug Bounty #6 - Persistent Web Vulnerability Date: == 2013-03-27 References: ==
http://www...
http://feedproxy.google.com/~r/securityalert_database/~3/tJz8R2VxVKs/WLB-2013030262
PayPal GP+ Cross Site Scripting
Topic: PayPal GP+ Cross Site Scripting Risk: Low Text:Title: Paypal Bug Bounty #46 - Persistent Web Vulnerability Date: == 2013-03-28 References: ==
http://ww...
http://feedproxy.google.com/~r/securityalert_database/~3/QJObrt3R7RI/WLB-2013030261
A peek inside the EgyPack Web malware exploitation kit
By Dancho Danchev On a daily basis we process multiple malicious campaigns that, in 95%+ of cases, rely on the market leading Black Hole Exploit Kit. The fact that this Web malware exploitation kit is the kit of choice for the majority of cybercriminals, speaks for its key differentiation factors/infection rate success compared to the competing exploit [...]
http://feedproxy.google.com/~r/WebrootThreatBlog/~3/kcBH0DcDPWc/
McAfee Firewall Enterprise BIND Regular Expression Handling Denial of Service Vulnerability
McAfee Firewall Enterprise BIND Regular Expression Handling Denial of Service Vulnerability
https://secunia.com/advisories/52836
VMware ESX / ESXi libxml2 Buffer Underflow Vulnerability
VMware ESX / ESXi libxml2 Buffer Underflow Vulnerability
https://secunia.com/advisories/52844
RoundCube Webmail generic_message_footer Arbitrary File Disclosure Vulnerability
RoundCube Webmail generic_message_footer Arbitrary File Disclosure Vulnerability
https://secunia.com/advisories/52806
[remote] - McAfee Virtual Technician (MVT) 6.5.0.2101 - Insecure ActiveX Method
McAfee Virtual Technician (MVT) 6.5.0.2101 - Insecure ActiveX Method
http://www.exploit-db.com/exploits/24907
HPSBUX02859 SSRT101144 rev.1 - HP-UX Running XNTP, Remote Denial of Service (DoS) and Execute Arbitrary Code
A potential security vulnerability has been identified with HP-UX
running XNTP. The vulnerability could be exploited remotely create a
Denial of Service (DoS) or Execute Arbitrary Code.
http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03714526-1%257CdocLocale%253Den_US%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
Has Anyone Seen a Missing Scroll Bar? Phony Flash Update Redirects to Malware
Microsoft said it has received 70,000 reports this week of a new Trojan disguised as an Adobe Flash Player update that will change your browser’s home page and redirect a Web session to an attacker’s page.There are several clues something is amiss, namely part of the GUI for the supposed Flash 11 update is written in Turkish, and there is no scroll bar on the EULA.read more
https://threatpost.com/en_us/blogs/has-anyone-seen-missing-scroll-bar-phony-flash-update-redirects-malware-032913
Security Fix Leads To PostgreSQL Lock Down
hypnosec writes "The developers of the PostgreSQL have announced that they are locking down access to the PostgreSQL repositories to only committers while a fix for a "sufficiently bad" security issue applied. The lock down is temporary and will be lifted once the next release is available. The core committee has announced that they apologize in advance for any disruption adding that It seems necessary in this instance, however." Read more of this story at Slashdot.
http://rss.slashdot.org/~r/Slashdot/slashdot/~3/3JUUb-3wFnQ/story01.htm
Next End-of-Shift report on 2013-04-02