End-of-Shift report
Timeframe: Dienstag 09-04-2013 18:00 − Mittwoch 10-04-2013 18:00
Handler: Robert Waldner
Co-Handler: Stephan Richter
Spiel mir das Lied vom Exploit: VirtualDJ führt Code in MP3s aus
Beim Abspielen von MP3s stolpert die DJ-Software über speziell präparierte ID3-Tags. Dabei droht aber nicht nur der Absturz: Es kursiert bereits ein Exploit, der den Buffer Overflow ausnutzt.
http://www.heise.de/security/meldung/Spiel-mir-das-Lied-vom-Exploit-VirtualDJ-fuehrt-Code-in-MP3s-aus-1837912.html
Out with the old, in with the April 2013 security updates
Windows XP was originally released on August 24, 2001. Since that time, high-speed Internet connections and wireless networking have gone from being a rarity to the norm, and Internet usage has grown from 360 million to almost two-and-a-half billion users. Thanks to programs like Skype, we now make video calls with regularity, and social media has grown from a curiosity to a part of our everyday lives. But through it all, Windows XP keeps chugging along. With its longevity and wide user base,...
http://blogs.technet.com/b/msrc/archive/2013/04/09/out-with-the-old-in-with-the-april-2013-security-updates.aspx
Bericht: Microsoft plant Zwei-Faktor-Authentifizierung mit App
Für Nutzerkonten will Microsoft offenbar bald eine Zwei-Faktor-Authentifizierung einführen. Zusätzlich zum Passwort müsste dann noch ein Code eingegeben werden, der von einer Smartphone-App generiert wird.
http://www.heise.de/security/meldung/Bericht-Microsoft-plant-Zwei-Faktor-Authentifizierung-mit-App-1837992.html
Sysax Multi Server SSH Component NULL Pointer Dereference Vulnerability
Sysax Multi Server SSH Component NULL Pointer Dereference Vulnerability
https://secunia.com/advisories/52934
Pwn2Own IE Vulnerabilities Missing from Microsoft Patch Tuesday Updates
In an unexpected turn, Microsoft’s monthly Patch Tuesday security updates released today did not include patches for Internet Explorer vulnerabilities used during the Pwn2Own contest one month ago.read more
https://threatpost.com/en_us/blogs/pwn2own-ie-vulnerabilities-missing-microsoft-patch-tuesday-updates-040913
2nd Anuual Cyber Security UAE Summit 2013
"Assess the nature of the latest threats being faced and the impact of these upon your organisationDiscuss the most promising cyber security technologies in the marketplaceAssess the trends to watch in global cyber securityInternational Case Studies: Discover the best practice in protecting your organisation from cyber-attackNetwork with your industry peers in the comfort of a 5 star venueThe only event of its kind to take place in the Middle East..."
http://www.cybersecurityuae.com/
Streaming Videos Vudu Issues Systemwide Password Reset After Theft
The streaming video service Vudu on Tuesday began resetting its customers passwords after theives broke into the companys Santa Clara, Calif. headquarters and stole a number of items, including hard drives holding customer data.read more
https://threatpost.com/en_us/blogs/streaming-videos-vudu-issues-systemwide-password-reset-after-theft-040913
Linksys WRT54GL apply.cgi Command Execution
Topic: Linksys WRT54GL apply.cgi Command Execution Risk: High Text:## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please...
http://feedproxy.google.com/~r/securityalert_database/~3/hE7MhGTEKrY/WLB-2013040073
Top Level Domains: ICANN erfüllt Wünsche der Strafverfolger
Die Dienstleister für Domainregistrierungen müssen künftig striktere Auflagen bei der Registrierung von Domains für ihre Kunden beachten, etwa bei der Überprüfung von Kundendaten und der Vorratsdatenspeicherung von Domain-Inhaberdaten.
http://www.heise.de/newsticker/meldung/Top-Level-Domains-ICANN-erfuellt-Wuensche-der-Strafverfolger-1838226.html
Vuln: phpMyAdmin tbl_gis_visualization.php Multiple Cross Site Scripting Vulnerabilities
phpMyAdmin tbl_gis_visualization.php Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/58962
Trojaner-Mail-Kampagne setzt auf Trusted Shops
Trusted Shops genießen Vertrauen. Das will sich eine neue Trojaner-Mail-Kampagne zunutze machen und setzt auf die Angst vieler Kunden: Was, wenn die gekaufte Ware aus dem Internet nicht ankommt? Da greift doch der "Käuferschutz"?
http://www.heise.de/security/meldung/Trojaner-Mail-Kampagne-setzt-auf-Trusted-Shops-1838191.html
WordPress GA Universal Plugin Cross-Site Request Forgery Vulnerability
WordPress GA Universal Plugin Cross-Site Request Forgery Vulnerability
https://secunia.com/advisories/52976
Adobe April Patches
Today, we released the following Security Bulletins: APSB13-10 – Security update: Security Hotfix available for ColdFusion APSB13-11 – Security updates available for Adobe Flash Player APSB13-12 – Security update available for Adobe Shockwave Player Customers of the affected products should consult the relevant Security Bulletin(s) for details.
http://blogs.adobe.com/psirt/2013/04/adobe-security-bulletins-posted-5.html
Apple Mac OS X PDF Ink Annotations Processing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
http://www.zerodayinitiative.com/advisories/ZDI-13-055/
Novell Identity Manager Unspecified Vulnerability
Novell Identity Manager Unspecified Vulnerability
https://secunia.com/advisories/52984