Daily Summary - Tuesday 28-05-2013

End-of-Shift report

Timeframe: Monday 27-05-2013 18:00 − Tuesday 28-05-2013 18:00
Handler: Matthias Fraidl
Co-Handler: Christian Wojner

Anatomy of a hack: How crackers ransack passwords like 'qeadzcwrsfxv1331'

For Ars, three crackers have at 16,000+ hashed passcodes with 90 percent success.

http://feeds.arstechnica.com/~r/arstechnica/security/~3/yG2GKDkgLMo/


Security boffins say music could trigger mobile malware

Justin Bieber really evil virus theory just got more credible. Security researchers have discovered that specific music, lighting, vibrations or magnetic fields could all be used as infection channels to trigger the activation of mobile malware on a massive scale.

http://go.theregister.com/feed/www.theregister.co.uk/2013/05/28/light_sound_magnetic_malware_hidden_trigger/


HP-UX Directory Server Discloses Passwords to Remote Authenticated and Local Users

http://www.securitytracker.com/id/1028593


Security vulnerability in Telekom router Speedport LTE II

Telekom's Speedport LTE II DSL router is reportedly open to manipulation from outside. If an attacker sends requests to the router, the available bandwidth is throttled. An update is intended to close the hole.

http://www.heise.de/security/meldung/Sicherheitsluecke-in-Telekom-Router-Speedport-LTE-II-1871284.html


How to hash windows files against known good set

Required Tools: md5deep, nsrlquery. You'll also need a server to query against. Luckily Kyrus has provided an nsrlserver (beta), known as the Kyrus NSRL Lookup Service!

http://brakertech.com/hash-windows-files-against-known-good-set/


Serious Privacy Flaw In Facebook Pages Manager For Android Exposes Private Pictures For Everyone To See

Facebook has a privacy hole that exposes private information to the public. And it's a serious one, this time in Facebook Pages Manager for Android, which has been installed over 5 million times since January of this year.

http://www.androidpolice.com/2013/05/26/serious-privacy-flaw-in-facebook-pages-manager-for-android-exposes-private-pictures-for-everyone-to-see/


BANKER Malware Hosted In Compromised Brazilian Government Sites

Two Brazilian government websites have been compromised and used to serve malware since April 24. We spotted a total of 11 unique malware files being distributed from these sites, with filenames that usually include 'update', 'upgrade', 'Adobe', 'FlashPlayer' or combinations thereof. Besides the different filenames, these samples also have different domains where they can connect to

http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/PCxIa2XQtdo/


ATM and Point-of-Sale Terminals Malware: The Bad Guys Just Never Stop!

If you use your debit or credit card to buy groceries or get cash out of an ATM you might want to know that the bad guys could have a piece of it.

http://blog.malwarebytes.org/intelligence/2013/05/atm-and-point-of-sale-terminals-malware-the-bad-guys-just-never-stop/


How to keep your Apple computer free from malicious programs and viruses

- Apple computers are not safe from viruses
- Fewer than half of Mac users run anti-virus software
- Mac users "will be targeted more and more easily"

http://www.news.com.au/technology/techknow/how-to-keep-your-apple-computer-free-from-malicious-programs-and-viruses/story-fnda1lbo-1226651287698


The Team Cymru Malware Hash Registry (MHR) project

The Malware Hash Registry (MHR) project is a look-up service similar to the Team Cymru IP address to ASN mapping project. This project differs, however, in that you can query our service for a computed MD5 or SHA-1 hash of a file and, if it is malware and we know about it, we return the last time we've seen it along with an approximate anti-virus detection percentage.

https://www.team-cymru.org/Services/MHR/


DoS vulnerability in ModSecurity patched

Attackers can remotely knock out the web application firewall using specially crafted HTTP requests.

http://www.heise.de/security/meldung/DoS-Luecke-in-ModSecurity-gestopft-1872219.html


Wordpress Export To Text Plugin "download" Remote File Inclusion Vulnerability

https://secunia.com/advisories/51348


Nitro Pro / Reader PDF Parsing Vulnerability

https://secunia.com/advisories/53473


SRWare Iron Multiple Vulnerabilities

https://secunia.com/advisories/53586


Vuln: SPIP Security Bypass Vulnerability

http://www.securityfocus.com/bid/60163