Daily Summary - Tuesday 16-04-2013

End-of-Shift report

Timeframe: Monday 15-04-2013 18:00 − Tuesday 16-04-2013 18:00 Handler: Matthias Fraidl Co-Handler: Robert Waldner

How mobile spammers verify the validity of harvested phone numbers

By Dancho Danchev. Just as we anticipated earlier this year in our "How mobile spammers verify the validity of harvested phone number" post, mobile spammers and cybercriminals in general will continue ensuring that QA (Quality Assurance) is applied to their upcoming campaigns. This is done in an attempt to both successfully reach a wider audience and to..

http://blog.webroot.com/2013/04/16/how-mobile-spammers-verify-the-validity-of-harvested-phone-numbers-part-two/


Analyzing Malicious PDFs or: How I Learned to Stop Worrying and Love Adobe Reader

This blog post and the next blog post will focus on analyzing malicious PDF files and the changes we've made to jsunpack to facilitate this analysis.

http://visiblerisk.com/blog/2013/4/8/analyzing-malicious-pdfs-or-how-i-learned-to-stop-worrying-a.html


Old tricks revived: beware of copy & paste

With a not entirely new trick that is currently circulating more widely again, web pages can slip commands to unsuspecting Linux users who are too lazy to type, for example, and hijack their systems.

http://www.heise.de/security/meldung/Tricks-neu-aufgelegt-Vorsicht-bei-Copy-Paste-1841048.html


New security protection, fixes for 39 exploitable bugs coming to Java

Oracle plans to release an update for the widely exploited Java browser plugin. The update fixes 39 critical vulnerabilities and introduces changes designed to make it harder to carry out drive-by attacks on end-user computers.

http://arstechnica.com/security/2013/04/new-security-protection-fixes-for-39-exploitable-bugs-coming-to-java/


Linode Hacked Through ColdFusion Zero Day

The attackers who compromised Web hosting provider Linode used a zero day vulnerability in Adobe ColdFusion and were able to access the company's database, source code and customers' credit card numbers and passwords. The company said that the customer credit card numbers were encrypted, as were the passwords, but it forced a system-wide password reset after the attack was discovered.

https://threatpost.com/en_us/blogs/linode-hacked-through-coldfusion-zero-day-041613


MediaWiki Two XML External Entities Vulnerabilities

Two vulnerabilities have been reported in MediaWiki, which can be exploited by malicious people to potentially disclose sensitive information and compromise a vulnerable system.

https://secunia.com/advisories/53054


Nitro Pro Insecure Library Loading Vulnerability

SEC Consult has reported a vulnerability in Nitro Pro, which can be exploited by malicious people to compromise a user's system.

https://secunia.com/advisories/52907


EasyPHPCalendar Date Picker Cross-Site Scripting Vulnerability

A vulnerability has been reported in EasyPHPCalendar, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input related to the date picker is not properly sanitised before being returned to the user.

https://secunia.com/advisories/53025


NetGear WNR1000 ".jpg" Security Bypass Vulnerability

Roberto Paleari has reported a vulnerability in NetGear WNR1000, which can be exploited by malicious people to bypass certain security restrictions. The application does not properly restrict access to certain web pages with appended ".jpg" to the URL and can be exploited to e.g. gain knowledge of the configuration file including admin credentials.

https://secunia.com/advisories/52856