End-of-Shift report
Timeframe: Friday 06-09-2013 18:00 − Monday 09-09-2013 18:00
Handler: Robert Waldner
Co-Handler: n/a
Two-factor authentication at GitHub
Users of the source code hosting service can now also secure their account with an additional authentication layer. This protects GitHub projects from tampering if the credentials ever fall into the wrong hands.
http://www.heise.de/newsticker/meldung/Zwei-Faktor-Authentifizierung-bei-GitHub-1951682.html
Citrix CloudPortal Services Manager Multiple Flaws Have Unspecified Impact
http://www.securitytracker.com/id/1028987
AirPort Extreme Base Station Frame Processing Bug Lets Remote Users Deny Service
http://www.securitytracker.com/id/1028988
pyOpenSSL hostname check bypassing vulnerability
Topic: pyOpenSSL hostname check bypassing vulnerability Risk: Medium Text: The pyOpenSSL module implements hostname identity checks but it did not properly handle hostnames in the certificate that conta...
http://cxsecurity.com/issue/WLB-2013090061
John Gilmore Analyzes NSA Obstruction of Crypto In IPSEC
New submitter anwyn writes "In a recent article posted on the cryptography mailing list, long-time civil libertarian and free software entrepreneur, John Gilmore has analyzed possible NSA obstruction of cryptography in IPSEC. He suggests that packet processing in the Linux kernel had been obstructed by one kernel developer. Gilmore suggests that the NSA has been plotting against strong cryptography on mobile phones:"
http://rss.slashdot.org/~r/Slashdot/slashdot/~3/KQm4nlge0-A/story01.htm
Prenotification: Upcoming Security Updates for Adobe Reader and Acrobat (APSB13-22)
A prenotification Security Advisory has been posted in regards to upcoming Adobe Reader and Acrobat updates scheduled for Tuesday, September 10, 2013. We will continue to provide updates on the upcoming release via the Security Advisory section of the Adobe …
http://blogs.adobe.com/psirt/2013/09/prenotification-upcoming-security-updates-for-adobe-reader-and-acrobat-apsb13-22.html
Telekom: Router warns of bot infection
Telekom collects data on attack scenarios with its own honeypots and makes use of it, for example, in router software that warns users when their IP address is part of a botnet.
http://www.heise.de/security/meldung/Telekom-Router-warnt-bei-Bot-Befall-1952121.html
Spy Service Exposes Nigerian ‘Yahoo Boys’
A crude but effective online service that lets users deploy keystroke logging malware and then view the stolen data remotely was hacked recently. The information leaked from that service has revealed a network of several thousand Nigerian email scammers and offers a fascinating glimpse into an entire underground economy that is seldom explored.
http://feedproxy.google.com/~r/KrebsOnSecurity/~3/Bxu69w83Y0Q/
Scammers pop up in Android’s Calendar App
Over the last couple of days, we’ve intercepted a rather interesting fraudulent approach that’s not just successfully hitting the inboxes of users internationally, but is also popping up as an event on their Android Calendar apps. How is this possible? Fairly simple. Sample screenshot of the fraudulent Google Calendar invitation: Through automatic registration — thanks to the outsourcing of the CAPTCHA solving process — fraudsters are registering thousands of bogus
http://feedproxy.google.com/~r/WebrootThreatBlog/~3/JEYS_MitQTU/
No major smartphone operating system safe from US intelligence service
The American intelligence agency NSA can gain access to user data on iPhones, Android smartphones and BlackBerry devices. Der Spiegel reports this, citing secret documents.
http://www.heise.de
No, the NSA can't spy on arbitrary smartphone data
The NSA has been exposed as evil and untrustworthy, but so has the press. The press distorts every new revelation, ignoring crucial technical details, and making it sound worse than it really is. An example is this Der Spiegel story claiming "NSA Can Spy On Smartphone Data", such as grabbing your contacts or SMS/email stored on the phone. Update: That was a teaser story, the actual story appearing tomorrow has more facts and fewer speculations than the teaser story.
http://blog.erratasec.com/2013/09/no-nsa-cant-spy-on-smartphone-data.html
IBM OS/400 Java Multiple Vulnerabilities
https://secunia.com/advisories/54631
ExecScent: Mining for New C&C Domains in Live Networks with Adaptive Control Protocol Templates
In this paper, we present ExecScent, a novel system that aims to mine new, previously unknown C&C domain names from live enterprise network traffic. ExecScent automatically learns control protocol templates (CPTs) from examples of known C&C communications. These CPTs are then adapted to the “background traffic” of the network where the templates are to be deployed. The goal is to generate hybrid templates that can self-tune to each specific deployment scenario, thus ...
https://www.damballa.com/downloads/a_pubs/Damballa_ExecScent.pdf
30-Second HTTPS Crypto Cracking Tool Released
Three researchers who discovered a crypto attack that can be used to grab sensitive information from HTTPS traffic in less than 30 seconds have released a tool to help website operators see if their systems are susceptible. Details of the BREACH -- short for Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext -- attack were first revealed last month at the Black Hat information security conference ...
http://www.informationweek.com/security/attacks/30-second-https-crypto-cracking-tool-rel/240160741
Vuln: Cisco Adaptive Security Appliance (ASA) Software Denial of Service Vulnerability
Cisco Adaptive Security Appliance (ASA) Software Denial of Service Vulnerability
http://www.securityfocus.com/bid/62251
[webapps] - Moodle 2.3.9, 2.4.6 - Multiple Vulnerabilities
Moodle 2.3.9, 2.4.6 - Multiple Vulnerabilities
http://www.exploit-db.com/exploits/28174
Exploring attacks against PHP applications
Imperva released its September Hacker Intelligence Initiative report which presents an in-depth view of recent attacks against PHP applications, including attacks that involve the PHP “SuperGlobal” parameters, and provides further insight into the nature of hacking activities in general and the implications for the overall integrity of the World Wide Web.
http://www.net-security.org/secworld.php?id=15535
Sophos pulls out spade, fills in holes in Web Appliance
Uproots root privilege route, covers it over. Sophos has pulled out the weeds in its web-scanning software after Core Security identified multiple holes in its Web Protection Appliance versions 3.8.0, 3.8.13 and 3.7.9 and earlier.…
http://go.theregister.com/feed/www.theregister.co.uk/2013/09/09/sophos_patches_web_appliance_vuln/
Security experts question if Google's Chrome Apps is worth the risk
Worry based on security issues with cross-platform tech such as Flash and Java, which pioneered the write once, infect everywhere model
http://www.csoonline.com/article/739320/security-experts-question-if-google-s-chrome-apps-is-worth-the-risk?source=rss_application_security
Blackout - Feature-length What-If drama exploring the effects of a devastating cyber-attack on Britain's national electricity grid
Based on expert advice and meticulous research, Blackout combines real user-generated footage, alongside fictional scenes, CCTV archive and news reports to build a terrifyingly realistic account of Britain being plunged into darkness.
http://www.channel4.com/programmes/blackout/episode-guide