Daily Summary - Tuesday 18-06-2013

End-of-Shift report

Timeframe: Monday 17-06-2013 18:00 − Tuesday 18-06-2013 18:00 Handler: Robert Waldner Co-Handler: n/a

Siemens SIMATIC WinCC Web Navigator Bugs Let Remote Users Inject SQL Commands and Login to the System

http://www.securitytracker.com/id/1028672


New Regulation for EU cybersecurity agency ENISA, with new duties

The European Union (EU) cybersecurity agency ENISA has today (18th June) received a new Regulation, granting it a seven-year mandate with an expanded set of duties.

http://www.enisa.europa.eu/media/press-releases/new-regulation-for-eu-cybersecurity-agency-enisa-with-new-duties


Tools - ProcDOT 1.0 released

I am happy to announce that the first release (1.0) of my visual malware analysis tool ProcDOT (I already mentioned the beta in a recent blog post) is now available. This tool processes Sysinternals Process Monitor (Procmon) logfiles and PCAP-logs (Windump, Tcpdump) to generate a graph via the GraphViz suite. This graph visualizes any relevant activities (customizable) and can be interactively analyzed.

https://www.cert.at/services/blog/20130618112047-852_en.html


Wall Street sets example for testing security defenses

Quantum Dawn 2 will test institutions' playbooks while also finding more efficient ways to share real-time information

http://www.csoonline.com/article/735068/wall-street-sets-example-for-testing-security-defenses?source=rss_application_security


iOS: Security flaws in "Personal Hotspot"

iOS does not choose the passwords for mobile tethering truly at random. Mobile hotspots can be cracked in a few seconds.

http://www.heise.de/security/meldung/iOS-Sicherheitsmaengel-im-Persoenlichen-Hotspot-1891356.html


Windows hardening tool exposes SSL spies

In version 4.0, Microsoft's free protection program EMET is said not only to protect better against cyber attacks, it has also become considerably more user-friendly. The recommended protection settings can be enabled with a few clicks.

http://www.heise.de/newsticker/meldung/Windows-Haerter-ueberfuehrt-SSL-Spione-1891691.html


Apache XML Security Multiple Vulnerabilities

https://secunia.com/advisories/53590


Graphical Tools Help Security Experts Track Cyber-Attacks in Real Time

"... it looks like a fantastic image from something in the world of science fiction. Streams of data flow from the globe representing the Internet. Attack vectors are highlighted in red. You can watch the changes as the attacks progress."

http://www.eweek.com/security/graphical-tools-help-security-experts-track-cyber-attacks-in-real-time/


Security Vulnerability in Siemens COMOS 9.2/10.0

Siemens has discovered a vulnerability in the client library of the database system COMOS which might allow attackers to escalate their privileges for database access. The attacker would need local access as an authenticated user to exploit the vulnerability.

http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-194865.pdf