End-of-Shift report
Timeframe: Montag 22-04-2013 18:00 − Dienstag 23-04-2013 18:00
Handler: Stephan Richter
Co-Handler: Robert Waldner
Cisco Firewall Services Module time-range Object Security Bypass Security Issue
Cisco Firewall Services Module time-range Object Security Bypass Security Issue
https://secunia.com/advisories/53140
Cisco ASA Software time-range Object Security Bypass Security Issue
Cisco ASA Software time-range Object Security Bypass Security Issue
https://secunia.com/advisories/53131
CAPTCHA-solving Russian email account registration tool helps facilitate cybercrime
By Dancho Danchev Just how challenged are cybercriminals when they’re being exposed to CAPTCHAs in 2013? Not even bothering to “solve the problem” by themselves anymore, thanks to the cost-efficient, effective, and fully working process of outsourcing the CAPTCHA solving process to humans thereby allowing the cybercriminals to abuse any given Web property, as if it were multiple [...]
http://feedproxy.google.com/~r/WebrootThreatBlog/~3/SpUsORYAF3o/
MyBB Multiple Vulnerabilities
MyBB Multiple Vulnerabilities
https://secunia.com/advisories/52828
VirusTotal += PCAP Analyzer
VirusTotal is a greedy creature, one of its gluttonous wishes is to be able to understand and characterize all the races it encounters, it already understood the insurgent collective of Portable Executables, the greenish creatures known as Android APKs, the talkative PDF civilization, etc. as of today it also figures out PCAPs, a rare group of individuals obsessed with recording everything they see.
http://blog.virustotal.com/2013/04/virustotal-pcap-analyzer.html
Crypto guru: Dont blame users, get coders security training instead
Murdochs infosec man adds arrogant techies also vulnerable Infosec 2013 Experts on both sides of the vendor-customer divide in the UK and a US cryptographer are at odds over whether or not security training is a waste of time.…
http://go.theregister.com/feed/www.theregister.co.uk/2013/04/23/security_awareness_training/