Daily Summary - Friday 16-08-2013

End-of-Shift report

Timeframe: Wednesday 14-08-2013 18:00 − Friday 16-08-2013 18:00 Handler: Matthias Fraidl Co-Handler: n/a

Microsoft Starts Countdown on Eliminating MD5

Microsoft has given customers six months to find MD5 installations and prepare for a February 2014 patch that will block the broken algorithm.

http://threatpost.com/microsoft-starts-countdown-on-eliminating-md5/101994


Microsoft Pulls Back Critical Exchange Server 2013 Patch

Microsoft has pulled back MS13-061, a critical patch released yesterday for Exchange Server 2013 because it breaks indexing on the messaging server.

http://threatpost.com/microsoft-pulls-back-critical-exchange-server-2013-patch/101999


Hackers targeting servers running Apache Struts applications, researchers say

A tool for exploiting known Struts vulnerabilities is available on Chinese hacker forums, Trend Micro researchers said.

http://www.csoonline.com/article/738134/hackers-targeting-servers-running-apache-struts-applications-researchers-say?source=rss_application_security


Android's Encryption Is Vulnerable

A vulnerability in Android's crypto libraries may affect hundreds of thousands of Android applications. The flaw results in weak random numbers and has already been used by criminals to steal bitcoins.

http://www.heise.de/security/meldung/Androids-Verschluesselung-angreifbar-1936181.html


Personalized Exploit Kit Targets Researchers

As documented time and again on this blog, cybercrooks are often sloppy or lazy enough to leave behind important clues about who and where they are. But from time to time, cheeky crooks will dream up a trap designed to look like they're being sloppy when in fact they're trying to trick security researchers into being sloppy and infecting their computers with malware.

https://krebsonsecurity.com/2013/08/personalized-exploit-kit-targets-researchers/


Spread of Android Malware Increases Significantly, but ...

The antivirus firm Kaspersky spotted twice as many new Android malware samples in the second quarter of this year as in the same quarter of the previous year. However, this is no cause for panic.

http://www.heise.de/security/meldung/Verbreitung-von-Android-Malware-nimmt-deutlich-zu-aber-1936570.html


Targeted Attacks Delivering Fruit

Political news has always been one of the top topics used in targeted attacks. Last week we came across unique malicious emails targeting high-profile companies in Europe and Asia (in sectors such as finance, mining, telecom, and government). The payload is an updated version of a Java remote access tool (RAT) detected as Backdoor.Opsiness, also known as Frutas RAT.

http://www.symantec.com/connect/blogs/targeted-attacks-delivering-fruit


Researchers figure out how to hack tens of thousands of servers

Security researchers at the University of Michigan have found a potentially devastating security vulnerability that afflicts at least 40,000 servers on the Internet. The researchers say the flaw could allow hackers to compromise certain servers manufactured by Supermicro from anywhere on the Internet. Tens of thousands of servers produced by other vendors could also be at risk.

http://www.washingtonpost.com/blogs/the-switch/wp/2013/08/14/researchers-figure-out-how-to-hack-tens-of-thousands-of-servers/


Background: Remote Shell for the SD Card

Hardly anything is too small to be hacked: a blogger has managed to gain root access to the embedded system of a Wi-Fi-enabled memory card.

http://www.heise.de/security/artikel/Remote-Shell-fuer-die-SD-Karte-1933994.html


Drupal Entity API Module Two Security Bypass Security Issues

https://secunia.com/advisories/54481


Vuln: Dovecot LIST Command Denial of Service Vulnerability

http://www.securityfocus.com/bid/61763


Drupal 7.22 / 6.28 Cross Site Scripting

http://cxsecurity.com/issue/WLB-2013080126


Joomla Media Manager File Upload Vulnerability

http://cxsecurity.com/issue/WLB-2013080120


TYPO3 File Upload Flaw Lets Remote Authenticated Users Execute Arbitrary PHP Code

http://www.securitytracker.com/id/1028919


Bugtraq: Open-Xchange Security Advisory 2013-08-16

http://www.securityfocus.com/archive/1/528046


Bugtraq: Update: Linksys EA2700, EA3500, E4200v2, EA4500 Unspecified unauthenticated remote access

http://www.securityfocus.com/archive/1/528045


Puppet "resource_type" Service Vulnerability

https://secunia.com/advisories/54564