End-of-Shift report
Timeframe: Wednesday 04-09-2013 18:00 − Thursday 05-09-2013 18:00
Handler: Robert Waldner
Co-Handler: Stephan Richter
With Typo 3 to server admin
Logged-in users could read configuration files and copy, delete and execute files under Typo 3. The experts at SySS GmbH had already reported these flaws to the developers months ago; the problems have now been fixed.
http://www.heise.de/newsticker/meldung/Mit-Typo-3-zum-Server-Admin-1949243.html
AVG 2014: The most interesting part is free
AVG presents the 2014 version of its antivirus products. The PrivacyFix module it includes checks which data you reveal about yourself on social networks.
http://www.heise.de/security/meldung/AVG-2014-Das-Interessanteste-gibts-umsonst-1949173.html
Whatever Happened to Facebook Likejacking?
Back in 2010, Facebook likejacking (a social engineering technique of tricking people into posting a Facebook status update) was a trending problem. So, whatever happened to likejacking scams and spam? Well, Facebook beefed-up its security - and the trend significantly declined, at least when compared to peak 2010 numbers. But you can't keep a good spammer down. Can't beat them? Join them. Today, some of the same junk which was spread via likejacking... is now spread via Facebook...
http://www.f-secure.com/weblog/archives/00002602.html
Java's Losing Security Legacy
Java's code-signing requirements have proven to be a bust, security researchers say, and now even longtime developers are losing faith in the programming language.
http://threatpost.com/javas-losing-security-legacy/102176
Sham G20 Summit Email Carries "Split" Backdoor
The upcoming G20 Summit in St. Petersburg, Russia might have already spewed several messages aimed at both common users and specific groups. A recent email we saw is only the latest in these threats. The said message is purportedly from the event's planning team and refers to a "pre-summit meeting":...
http://blog.trendmicro.com/trendlabs-security-intelligence/sham-g20-summit-email-carries-split-backdoor/
Easy to unmask
Scientists have investigated the possibilities for removing the anonymity of Tor users - with rather alarming results.
http://www.heise.de/newsticker/meldung/Tor-Benutzer-leicht-zu-enttarnen-1949449.html
Blog: Obad.a Trojan now being distributed via mobile botnets
In late May we reported on the details of Backdoor.AndroidOS.Obad.a, the most sophisticated mobile Trojan to date. At the time we had almost no information about how this piece of malware gets onto mobile devices. We have since been examining how the Trojan is distributed and discovered that the malware owners have...
http://www.securelist.com/en/blog/8131/Obad_a_Trojan_now_being_distributed_via_mobile_botnets
Bugcrowd organizes vulnerability hunting for companies
The Australian-American startup wants to enable companies to easily set up their own bug bounty programs. Companies such as Google and Mozilla have long benefited from their own programs of this kind.
http://www.heise.de/security/meldung/Bugcrowd-organisiert-Schwachstellensuche-fuer-Unternehmen-1949833.html
Don't Install The Google Authenticator For iOS Update
Google today pushed an update out for Google Authenticator for iOS, the two-factor authentication companion app that makes your Google account and services where you use it to login more secure. But it's an update users will want to avoid for now, as it erases all your existing stored data and connected accounts,...
http://techcrunch.com/2013/09/04/dont-install-the-google-authenticator-for-ios-update-unless-you-want-your-stored-user-accounts-wiped/
Samsung's Android devices get Knox encryption technology
Samsung has equipped the first Android devices with the security technology and given first indications of which older models will receive an update.
http://www.heise.de/newsticker/meldung/Samsungs-Android-Geraete-bekommen-Verschluesselungstechnik-Knox-1950029.html
Large botnet cause of recent Tor network overload
Recently, Roger Dingledine described a sudden increase in Tor users on the Tor Talk mailing list. To date there has been a large amount of speculation as to why this may have happened. A large number of articles seem to suggest this to be the result of the recent global espionage events, the evasion of the Pirate Bay blockades using the PirateBrowser or the Syrian civil war.
http://blog.fox-it.com/2013/09/05/large-botnet-cause-of-recent-tor-network-overload/
Linux Kernel 3.10.10 scm_check_creds() PID spoofing Privileges Escalation
Topic: Linux Kernel 3.10.10 scm_check_creds() PID spoofing Privileges Escalation Risk: High Text: A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to gain escalated pri...
http://cxsecurity.com/issue/WLB-2013090044
Drupal Core CSS Selectors Allow Remote Users to Insert Hidden Text and Links to Obtain Potentially Sensitive Information
http://www.securitytracker.com/id/1028978
Bugtraq: Cisco Security Advisory: Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players
http://www.securityfocus.com/archive/1/528432
Symantec Endpoint Protection un-installation password bypass
Topic: Symantec Endpoint Protection un-installation password bypass Risk: High Text: Description: A weakness has been revealed on SEP installation that allows user to uninstall this product w...
http://cxsecurity.com/issue/WLB-2013090045
IBM WebSphere MQ Multiple Java Vulnerabilities
https://secunia.com/advisories/54721
Cisco GSS Global Site Selector Cross-Site Request Forgery Vulnerability
https://secunia.com/advisories/54727