End-of-Shift report
Timeframe: Donnerstag 09-05-2013 18:00 − Freitag 10-05-2013 18:00
Handler: Robert Waldner
Co-Handler: Stephan Richter
Microsoft Fix It Available for IE 8 Zero Day Used Against Labor Website
Microsoft released a Fix It temporary mitigation for a zero-day vulnerability in Internet Explorer 8 that was used in a watering hole attack against the U.S. Department of Labors website.
http://threatpost.com/microsoft-fix-it-available-for-ie-8-zero-day-used-against-labor-website/
Advance Notification Service for the May 2013 Security Bulletin Release
Today we’re providing Advance Notification of 10 bulletins for release on Tuesday, May 14, 2013. This release brings two Critical and eight Important-class bulletins, which address 34 unique vulnerabilities. The Critical-rated bulletins address issues in Microsoft Windows and Internet Explorer. Of note, we are working to have the Internet Explorer Security Update address the issue described in Security Advisory 2847140, supplementing the currently available Fix it. The Important-rated...
http://blogs.technet.com/b/msrc/archive/2013/05/09/advance-notification-service-for-the-may-2013-security-bulletin-release.aspx
Name.com Breached, Users Asked to Reset Passwords
Domain registrar Name.com is asking its customers to reset their passwords following a data breach.
http://threatpost.com/name-com-breached-users-asked-to-reset-passwords/
Microsoft EMET 4.0 Enables Certificate Pinning to Defeat MITM Attacks
Microsoft later this month will release a new version of its EMET protection tool, and this iteration will include a certificate pinning feature that will enable users to associate a specific certificate with a given certificate authority. The feature is designed a defense against man-in-the-middle attacks that use forged certificates to redirect users or intercept [...]
http://threatpost.com/microsoft-emet-4-0-enables-certificate-pinning-to-defeat-mitm-attacks/
Bugtraq: [security bulletin] HPSBMU02786 SSRT100877 rev.2 - HP System Management Homepage (SMH) Running on Linux, Windows, and VMware ESX, Remote Unauthorized Access, Disclosure of Information, Data Modification, Denial of Service (DoS), Execution
Potential Security Impact: Remote unauthorized access, disclosure of
information, data modification, Denial of Service (DoS), execution of
arbitrary code
http://www.securityfocus.com/archive/1/526566
Bugtraq: ESA-2013-021: EMC Documentum Multiple Vulnerabilities
Vulnerabilities exist in several EMC Documentum products that could potentially be exploited by a malicious user.
http://www.securityfocus.com/archive/1/526570
Prenotification: Upcoming Security Updates for Adobe Reader and Acrobat (APSB13-15)
A prenotification Security Advisory has been posted in regards to upcoming Adobe Reader and Acrobat updates scheduled for Tuesday, May 14, 2013. We will continue to provide updates on the upcoming release via the Security Advisory section of the Adobe...
http://blogs.adobe.com/psirt/2013/05/prenotification-upcoming-security-updates-for-adobe-reader-and-acrobat-apsb13-15.html
Security Advisory for ColdFusion (APSA13-03)
A Security Advisory (APSA13-03) has been posted in regards to a critical issue in ColdFusion 10, 9.0.2, 9.0.1 and 9.0 and earlier versions for Windows, Macintosh and UNIX. Adobe is aware of reports that exploit code for the vulnerability is...
http://blogs.adobe.com/psirt/2013/05/security-advisory-for-coldfusion-apsa13-03.html
WordPress xili-language Plugin "lang" Cross-Site Scripting Vulnerability
A vulnerability has been discovered in the xili-language plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
https://secunia.com/advisories/53364
CSRF-Lücke im OpenVPN Access Server geschlossen
Durch eine Schwachstelle können sich Angreifer potenziell VPN-Zugänge erschleichen.
http://www.heise.de/security/meldung/CSRF-Luecke-im-OpenVPN-Access-Server-geschlossen-1853123.html