Daily Summary - Wednesday 17-04-2013

End-of-Shift report

Timeframe: Tuesday 16-04-2013 18:00 − Wednesday 17-04-2013 18:00 Handler: Matthias Fraidl Co-Handler: Otmar Lendl

NQ Mobile: Android Malware Doubled in 2012

Throw another log onto the proverbial Android malware fire: According to mobile security firm NQ Mobile, infections targeting devices running the Google-based operating system doubled in 2012. That translates to a 163 percent increase from 2011 and accounts for over 65,000 different types of malware discovered, up 30,000 from 25,000 the year before.

https://threatpost.com/en_us/blogs/nq-mobile-android-malware-doubled-2012-041613


SAP BASIS Communication Services Command Execution

Topic: SAP BASIS Communication Services Command Execution Risk: High Text: [ESNC-2013-003] Remote OS Command Execution in SAP BASIS Communication Services Please refer to www.esnc.de for the origin...

http://feedproxy.google.com/~r/securityalert_database/~3/uQXsNLsq7cM/WLB-2013040120


Fueled by super botnets, DDoS attacks grow meaner and ever-more powerful

Average amount of bandwidth used in DDoS attacks spiked eight-fold last quarter.

http://feeds.arstechnica.com/~r/arstechnica/security/~3/QTLIjglO7vc/


MySQL Multiple Bugs Let Remote Authenticated Users Deny Service and Partially Access and Modify Data

http://www.securitytracker.com/id/1028449


A peek inside a (cracked) commercially available RAT (Remote Access Tool)

By Dancho Danchev In an attempt to add an additional layer of legitimacy to their malicious software, cybercriminals sometimes simply reposition them as Remote Access Tools, also known as R.A.Ts. What they seem to be forgetting is that no legitimate Remote Access Tool would possess any spreading capabilities, plus, has the capacity to handle tens of [...]

http://feedproxy.google.com/~r/WebrootThreatBlog/~3/iV7a86XP2vA/


Apple updates Safari and Java 6 support

During the night to Wednesday, Apple equipped its web browser with a new security feature that allows Java applets to be enabled on a per-website basis. In addition, another Java 6 update was released.

http://www.heise.de/security/meldung/Apple-aktualisiert-Safari-und-Java-6-Unterstuetzung-1843475.html


90% of game hacks and cracks contain malware

Computer and online gaming is big business for companies creating the games, but a considerable drain on the finances of gamers, so it should not come as a surprise that many of the latter decide against buying games and add-ons, choosing instead to download cracked games, keygens, patches and more from torrent or file-sharing sites.

https://www.net-security.org/malware_news.php?id=2468


Oracle Java Multiple Vulnerabilities

Multiple vulnerabilities have been reported in Oracle Java, which can be exploited by malicious, local users to manipulate certain data and gain escalated privileges and by malicious people to disclose certain sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

https://secunia.com/advisories/53008


Linksys WRT54GL Cross-Site Request Forgery Vulnerability

The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to e.g. upload a firmware image when a logged-in administrative user visits a specially crafted web page.

https://secunia.com/advisories/53068


The beginners guide to breaking website security with nothing more than a Pineapple

You know how security people get all uppity about SSL this and SSL that? Stuff like posting creds over HTTPS isn't enough, you have to load login forms over HTTPS as well and then you can't send auth cookies over HTTP because they'll get sniffed and sessions hijacked and so on and so forth.

http://www.troyhunt.com/2013/04/the-beginners-guide-to-breaking-website.html


ACLU asks feds to probe wireless carriers over Android security updates

Civil liberties advocates have asked the US Federal Trade Commission to take action against the nation's four major wireless carriers for selling millions of Android smartphones that never, or only rarely, receive updates to patch dangerous security vulnerabilities.

http://arstechnica.com/security/2013/04/wireless-carriers-deceptive-and-unfair/


Boston-Related Malware Campaigns Have Begun, (Wed, Apr 17th)

About mid-afternoon yesterday (Central time - US), Boston-related spam campaigns have begun. The general "hook" is that it sends a URL with a subject about the video from the explosions. Similar to when Osama Bin Laden was killed and fake images were used as a hook, in this case, the video is relevant to the story and being used as a hook. Right now, very roughly 10-20% of all spam is related to this (some spamtraps reporting more, some less). Similar IPs have also been sending pump

http://isc.sans.edu/diary.html?storyid=15629&rss