Daily Summary - Thursday 25-07-2013

End-of-Shift report

Timeframe: Wednesday 24-07-2013 18:00 − Thursday 25-07-2013 18:00 Handler: Matthias Fraidl Co-Handler: Christian Wojner

Multiple Vulnerabilities in the Cisco Video Surveillance Manager

The Cisco Video Surveillance Manager (VSM) allows operations managers and system integrators to build customized video surveillance networks to meet their needs. Cisco VSM provides centralized configuration, management, display, and control of video from Cisco and third-party surveillance endpoints.

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130724-vsm


Google Wallet and Paypal Phishing by abusing WhatsApp

http://cxsecurity.com/issue/WLB-2013070185


Vuln: PHP ext/soap/php_xml.c Multiple Arbitrary File Disclosure Vulnerabilities

PHP is prone to multiple arbitrary file-disclosure vulnerabilities because the application fails to sanitize user-supplied input. An authenticated attacker can exploit these vulnerabilities to view arbitrary files within the context of the affected application. Other attacks are also possible.

http://www.securityfocus.com/bid/58766


Google strengthens Android security muscle with NSA-developed protection

Addition of SELinux to version 4.3 one of several improvements to Android security.

http://arstechnica.com/security/2013/07/google-strengthens-android-security-muscle-with-nsa-developed-protection/


Windu CMS 2.2 CSRF Add Admin Exploit

Topic: Windu CMS 2.2 CSRF Add Admin Exploit. Risk: Low. Vendor: Adam Czajkowski. Product web page: http://www.windu.org. Affected ver...

http://cxsecurity.com/issue/WLB-2013070187


Toward A Greater Mobile Mal-Awareness

Several recent developments in mobile malware are conspiring to raise the threat level for Android users, making it easier for attackers to convert legitimate applications into malicious apps and to undermine the technology that security experts use to tell the difference.

https://krebsonsecurity.com/2013/07/toward-a-greater-mobile-mal-awareness/


Cisco ASA Input Validation Flaw in WebVPN Portal Login Page Permits Cross-Site Scripting Attacks

http://www.securitytracker.com/id/1028831


nginx 1.3.9 / 1.4.0 x86 Brute Force Remote Exploit Description

http://cxsecurity.com/issue/WLB-2013070192


OWASP AppSec Research 2013: Conference and Trainings in Hamburg

From 20 to 23 August, the OWASP community invites you to Hamburg for trainings, workshops, talks and panel discussions.

http://www.heise.de/security/meldung/OWASP-AppSec-Research-2013-Konferenz-und-Trainings-in-Hamburg-1923428.html


HP LoadRunner Denial of Service and Arbitrary Code Execution Vulnerabilities

https://secunia.com/advisories/54138


Raid millions of bank accounts. New easy-to-use tool. Yours for $5,000

F... KINS hell! Cybercrooks have brewed a new professional-grade Trojan toolkit called KINS that will pose plenty of problems for banks and their customers in the months and years ahead.

http://go.theregister.com/feed/www.theregister.co.uk/2013/07/25/kins_banking_trojan/


Hacking the SIM card: Why it matters to the enterprise

It appears that the SIM card has finally been hacked, more than 20 years after it was first developed. More specifically, security researcher Karsten Nohl of Security Research Labs says he has found a serious vulnerability that allows mobile phones to be tricked into granting access to SMS functions and other capabilities--without the owner knowing.

http://www.fiercecio.com/techwatch/story/hacking-sim-card-why-it-matters-enterprise


Dissecting a WordPress Brute Force Attack

Over the past few months there has been a lot of discussion about WordPress Brute Force attacks. With that discussion has come a lot of speculation as well. What are they doing? Is it a giant WordPress botnet? Is it going to destroy the internet? Well, as you would expect of any good geeks we set out to find a way to find out.

http://blog.sucuri.net/2013/07/dissecting-a-wordpress-brute-force-attack.html


Warning about Orbit Downloader

Immediately after launch, the download manager takes part in a cyber attack on Vietnamese IP addresses, thereby also paralyzing the local network.

http://www.heise.de/security/meldung/Warnung-vor-Orbit-Downloader-1923667.html