Daily Summary - Monday 9-09-2013

End-of-Shift report

Timeframe: Friday 06-09-2013 18:00 − Monday 09-09-2013 18:00 Handler: Robert Waldner Co-Handler: n/a

Two-Factor Authentication at GitHub

Users of the source code hosting service can now also secure their accounts with an additional authentication layer. This protects GitHub projects against tampering if the login credentials ever fall into the wrong hands.

http://www.heise.de/newsticker/meldung/Zwei-Faktor-Authentifizierung-bei-GitHub-1951682.html


Citrix CloudPortal Services Manager Multiple Flaws Have Unspecified Impact

http://www.securitytracker.com/id/1028987


AirPort Extreme Base Station Frame Processing Bug Lets Remote Users Deny Service

http://www.securitytracker.com/id/1028988


pyOpenSSL hostname check bypassing vulnerability

Topic: pyOpenSSL hostname check bypassing vulnerability Risk: Medium Text: The pyOpenSSL module implements hostname identity checks but it did not properly handle hostnames in the certificate that conta...

http://cxsecurity.com/issue/WLB-2013090061


John Gilmore Analyzes NSA Obstruction of Crypto In IPSEC

New submitter anwyn writes "In a recent article posted on the cryptography mailing list, longtime civil libertarian and free software entrepreneur, John Gilmore has analyzed possible NSA obstruction of cryptography in IPSEC. He suggests that packet processing in the Linux kernel had been obstructed by one kernel developer. Gilmore suggests that the NSA has been plotting against strong cryptography on mobile phones:"

http://rss.slashdot.org/~r/Slashdot/slashdot/~3/KQm4nlge0-A/story01.htm


Prenotification: Upcoming Security Updates for Adobe Reader and Acrobat (APSB13-22)

A prenotification Security Advisory has been posted in regards to upcoming Adobe Reader and Acrobat updates scheduled for Tuesday, September 10, 2013. We will continue to provide updates on the upcoming release via the Security Advisory section of the Adobe …

http://blogs.adobe.com/psirt/2013/09/prenotification-upcoming-security-updates-for-adobe-reader-and-acrobat-apsb13-22.html


Telekom: Router Warns of Bot Infection

Telekom collects data on attack scenarios with its own honeypots and puts it to use, for example, in router software that warns the user when their IP address is part of a botnet.

http://www.heise.de/security/meldung/Telekom-Router-warnt-bei-Bot-Befall-1952121.html


Spy Service Exposes Nigerian ‘Yahoo Boys’

A crude but effective online service that lets users deploy keystroke logging malware and then view the stolen data remotely was hacked recently. The information leaked from that service has revealed a network of several thousand Nigerian email scammers and offers a fascinating glimpse into an entire underground economy that is seldom explored.

http://feedproxy.google.com/~r/KrebsOnSecurity/~3/Bxu69w83Y0Q/


Scammers pop up in Android’s Calendar App

Over the last couple of days, we’ve intercepted a rather interesting fraudulent approach that’s not just successfully hitting the inboxes of users internationally, but is also popping up as an event on their Android Calendar apps. How is this possible? Fairly simple. Through automatic registration — thanks to the outsourcing of the CAPTCHA solving process — fraudsters are registering thousands of bogus

http://feedproxy.google.com/~r/WebrootThreatBlog/~3/JEYS_MitQTU/


No Major Smartphone Operating System Safe from US Intelligence Agency

The American intelligence agency NSA can gain access to user data on iPhones, Android smartphones and BlackBerry devices. Der Spiegel reports this, citing secret documents.

http://www.heise.de


No, the NSA can't spy on arbitrary smartphone data

The NSA has been exposed as evil and untrustworthy, but so has the press. The press distorts every new revelation, ignoring crucial technical details, and making it sound worse than it really is. An example is this Der Spiegel story claiming "NSA Can Spy On Smartphone Data", such as grabbing your contacts or SMS/email stored on the phone. Update: That was a teaser story, the actual story appearing tomorrow has more facts and fewer speculations than the teaser story.

http://blog.erratasec.com/2013/09/no-nsa-cant-spy-on-smartphone-data.html


IBM OS/400 Java Multiple Vulnerabilities

https://secunia.com/advisories/54631


ExecScent: Mining for New C&C Domains in Live Networks with Adaptive Control Protocol Templates

In this paper, we present ExecScent, a novel system that aims to mine new, previously unknown C&C domain names from live enterprise network traffic. ExecScent automatically learns control protocol templates (CPTs) from examples of known C&C communications. These CPTs are then adapted to the “background traffic” of the network where the templates are to be deployed. The goal is to generate hybrid templates that can self-tune to each specific deployment scenario, thus ...

https://www.damballa.com/downloads/a_pubs/Damballa_ExecScent.pdf


30-Second HTTPS Crypto Cracking Tool Released

Three researchers who discovered a crypto attack that can be used to grab sensitive information from HTTPS traffic in less than 30 seconds have released a tool to help website operators see if their systems are susceptible. Details of the BREACH -- short for Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext -- attack were first revealed last month at the Black Hat information security conference ...

http://www.informationweek.com/security/attacks/30-second-https-crypto-cracking-tool-rel/240160741


Vuln: Cisco Adaptive Security Appliance (ASA) Software Denial of Service Vulnerability

http://www.securityfocus.com/bid/62251


[webapps] - Moodle 2.3.9, 2.4.6 - Multiple Vulnerabilities

Moodle 2.3.9, 2.4.6 - Multiple Vulnerabilities

http://www.exploit-db.com/exploits/28174


Exploring attacks against PHP applications

Imperva released its September Hacker Intelligence Initiative report which presents an in-depth view of recent attacks against PHP applications, including attacks that involve the PHP “SuperGlobal” parameters, and provides further insight into the nature of hacking activities in general and the implications for the overall integrity of the World Wide Web.

http://www.net-security.org/secworld.php?id=15535


Sophos pulls out spade, fills in holes in Web Appliance

Uproots root privilege route, covers it over

Sophos has pulled out the weeds in its web-scanning software after Core Security identified multiple holes in its Web Protection Appliance versions 3.8.0, 3.8.13 and 3.7.9 and earlier.…

http://go.theregister.com/feed/www.theregister.co.uk/2013/09/09/sophos_patches_web_appliance_vuln/


Security experts question if Google's Chrome Apps is worth the risk

Worry based on security issues with cross-platform tech such as Flash and Java, which pioneered the write once, infect everywhere model

http://www.csoonline.com/article/739320/security-experts-question-if-google-s-chrome-apps-is-worth-the-risk?source=rss_application_security


Blackout - Feature-length What-If drama exploring the effects of a devastating cyber-attack on Britain's national electricity grid

Based on expert advice and meticulous research, Blackout combines real user-generated footage, alongside fictional scenes, CCTV archive and news reports to build a terrifyingly realistic account of Britain being plunged into darkness.

http://www.channel4.com/programmes/blackout/episode-guide