Daily summary - Friday 14-06-2013

End-of-Shift report

Timeframe: Thursday 13-06-2013 18:00 − Friday 14-06-2013 18:00 Handler: Matthias Fraidl Co-Handler: Stephan Richter

Java SE Critical Patch Update - June 2013 - Pre-Release Announcement

This Critical Patch Update Pre-Release Announcement provides advance information about the Oracle Java SE Critical Patch Update for June 2013, which will be released on Tuesday, June 18, 2013. While this Pre-Release Announcement is as accurate as possible at the time of publication, the information it contains may change before publication of the Critical Patch Update Advisory.

http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html


MtGox Phishing Campaign Hits Bing, Yahoo!

An active phishing campaign targeting account holders at popular Bitcoin exchange MtGox.com has hijacked the top search results at Bing and Yahoo.com, redirecting unwary clickers to mtpox.com, a look-alike domain and Web site that was registered on June 12, 2013, less than 24 hours ago.

https://krebsonsecurity.com/2013/06/mtgox-phishing-campaign-hits-bing-yahoo


How cybercriminals apply Quality Assurance (QA) to their malware campaigns before launching them

By Dancho Danchev. In 2013, the use of basic Quality Assurance (QA) practices has become standard practice for cybercriminals when launching a new campaign. In an attempt to increase the probability of a successful outcome for their campaigns - think malware infection, increased visitor-to-malware infected conversion, improved conversion of blackhat SEO acquired traffic leading to the purchase of counterfeit pharmaceutical items etc.

http://blog.webroot.com/2013/06/14/how-cybercriminals-apply-quality-assurance-qa-to-their-malware-campaigns-before-launching-them


Critical vulnerabilities in Siemens OpenScape Branch & SBC

Siemens OpenScape Branch & SBC are vulnerable to critical vulnerabilities such as unauthenticated execution of OS commands or file disclosure. Attackers are able to take over the operating system and potentially intercept VoIP traffic or phone calls.

https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130614-0_Siemens_OpenScape_Branch_SBC_Multiple_Vulnerabilities_v10.txt


AirLive IP cameras plain text information disclosure

AirLive IP cameras could allow a remote attacker to obtain sensitive information, caused by retrieving user details and passwords stored as plain text in a backup file. An attacker could exploit this vulnerability to obtain sensitive information.

http://xforce.iss.net/xforce/xfdb/84933


OWASP Top 10 2013 released

The Open Web Application Security Project's top 10 most critical web application security risks has been updated and a new list has been published. Last updated back in 2010, the organization has published the new list, in which the importance of cross-site scripting (XSS) and cross-site request forgery (CSRF) has been diluted a little while risks related to broken session management and authentication have moved up a notch.

https://www.owasp.org/index.php/Top10


Linux kernel exploit has been ported to Android

A dangerous vulnerability that was patched long ago on Linux is now being exploited on Android. According to Symantec, malware developers have succeeded in porting the exploit. For the time being, no remedy in the form of a new Android version is available.

http://www.golem.de/news/privilege-escalation-linux-kernel-exploit-wurde-auf-android-portiert-1306-99772.html


Big browser builders scramble to fix cross-platform zero-day flaw

Browser manufacturers will release an update in the next few weeks to block a new type of malware that exploits a cross-platform flaw that allows attackers access to Mac, PC, mobile, and even games console internet users.

http://www.theregister.co.uk/2013/06/13/cross_platform_browser_flaw_in_wild/


Background: Content Security Policy as an XSS brake

Cross-site scripting (XSS) is one of the biggest plagues that webmasters have to contend with. Even banks and payment service providers such as PayPal do not manage to prevent the dangerous injection of foreign code. The new standard "Content Security Policy" is finally supposed to provide a remedy.

http://www.heise.de/security/artikel/XSS-Bremse-Content-Security-Policy-1888522.html