Daily Summary - Monday 1-07-2013

End-of-Shift report

Timeframe: Friday 28-06-2013 18:00 − Monday 01-07-2013 18:00
Handler: Stephan Richter
Co-Handler: n/a

How cybercriminals create and operate Android-based botnets

By Dancho Danchev

On their way to acquire the latest and coolest Android game or application, end users with outdated situational awareness on the latest threats facing them often not only undermine the confidentiality and integrity of their devices, but also, can unknowingly expose critical business data to the cybercriminals who managed to infect their...

http://blog.webroot.com/2013/06/28/how-cybercriminals-create-and-operate-android-based-botnets/


Fortigate Firewall Cross Site Request Forgery

Topic: Fortigate Firewall Cross Site Request Forgery
Risk: Low
Text:
Vulnerability ID: CVE-2013-1414
Vulnerability Type: CSRF (Cross-Site Request Forgery)
Product: All Fortigate Firewalls
Vendo...

http://cxsecurity.com/issue/WLB-2013060241


Several Flaws Discovered in ZRTPCPP Library Used in Secure Phone Apps

A security researcher has uncovered a number of serious vulnerabilities in one of the core security components of several secure telephony applications, including the Silent Circle system developed by PGP creator Phil Zimmermann.

http://threatpost.com/several-flaws-discovered-in-zrtpcpp-library-used-in-secure-phone-apps-2/


NIST Cybersecurity Framework, (Sun, Jun 30th)

The NIST has published a voluntary framework to reduce cyber risk to critical infrastructure as a result of a directive inside the President's executive order for improving critical infrastructure cybersecurity. The core of this framework is composed of a function matrix and a framework implementation level matrix. The function matrix contains the five top-level cybersecurity functions, which are: Know: Gaining the institutional understanding to identify what systems need to be protected,...

http://isc.sans.edu/diary.html?storyid=16093


Backdoor Discovered In Atlassian Crowd

An anonymous reader writes "Recently published on the Command Five website is a technically detailed threat advisory (PDF) in relation to a recurring vulnerability in Atlassian Crowd. Tucked away inconspicuously at the end of this document in a section entitled Unpatched Vulnerabilities is the real security bombshell: Atlassian's turnkey solution for enterprise single sign-on and secure user authentication contains an unpatched backdoor. The backdoor allows anyone to remotely take full...

http://it.slashdot.org/story/13/07/01/0011217/backdoor-discovered-in-atlassian-crowd


Xorbin Multiple Products "widgetUrl" Cross-Site Scripting Vulnerability

A vulnerability has been discovered in multiple Xorbin products, which can be exploited by malicious people to conduct cross-site scripting attacks.

https://secunia.com/advisories/53979


IBM Tivoli Composite Application Manager for Transactions OpenSSL Multiple Vulnerabilities

IBM has acknowledged multiple vulnerabilities in IBM Tivoli Composite Application Manager for Transactions, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), bypass certain security restrictions, and compromise a vulnerable system.

https://secunia.com/advisories/54029