Daily summary - Tuesday 24-09-2013

End-of-Shift report

Timeframe: Monday 23-09-2013 18:00 − Tuesday 24-09-2013 18:00 Handler: L. Aaron Kaplan Co-Handler: L. Aaron Kaplan

ICS Vendor Fixes Hard-Coded Credential Bugs Nearly Two Years After Advisory

Nearly two years after a security researcher published details of the hard-coded credentials that ship with a slew of industrial control system products made by Schneider Electric, the company has released updated firmware that fixes the problems. The vulnerabilities, which were discovered by researcher Ruben Santamarta and published in December 2011, affect dozens of products

http://threatpost.com/ics-vendor-fixes-hard-coded-credential-bugs-nearly-two-years-after-advisory/102391


Security Bulletin: Multiple vulnerabilities exist in IBM Data Studio Web Console, Optim Performance Manager, IBM InfoSphere Optim Configuration Manager, and DB2 Recovery Expert for Linux, UNIX and Windows (CVE-2013-4025, CVE-2013-4024, CVE-2013-4022)

Multiple vulnerabilities exist in IBM Data Studio Web Console, Optim Performance Manager, IBM InfoSphere Optim Configuration Manager, and DB2 Recovery Expert for Linux, UNIX and Windows which could allow an attacker to view sensitive information or perform actions as a compromised user. CVE(s): CVE-2013-4025, CVE-2013-4024, CVE-2013-4022 Affected product(s) and affected version(s): IBM Data Studio Web Console versions v3.1.x Optim Performance Manager for DB2 on LUW v5.1.x IBM InfoSphere

https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_multiple_vulnerabilities_exist_in_ibm_data_studio_web_console_optim_performance_manager_ibm_infosphere_optim_configuration_manager_and_db2_recovery_expert_for_linux_unix_and_wind


Vuln: Moodle CVE-2013-4313 SQL Injection Vulnerability

Moodle CVE-2013-4313 SQL Injection Vulnerability

http://www.securityfocus.com/bid/62410


Citrix XenClient XT Multiple Vulnerabilities

Citrix XenClient XT Multiple Vulnerabilities

https://secunia.com/advisories/54625


Cybercriminals experiment with Android compatible, Python-based SQL injecting releases

Throughout the years, cybercriminals have been perfecting the process of automatically abusing Web application vulnerabilities to achieve their fraudulent and malicious objectives. From the utilization of botnets and search engines to perform active reconnaissance, the general availability of DIY mass SQL injecting tools as well as proprietary malicious script injecting exploitation platforms, the results have been evident ever since in the form of tens of thousands of affected Web sites on a

http://feedproxy.google.com/~r/WebrootThreatBlog/~3/uFxqe3lj6ak/


Joomla JVideoClip Blind SQL Injection

Topic: Joomla JVideoClip Blind SQL Injection Risk: Medium Text: == Joomla Component com_jvideoclip (cid|uid|id) Blind SQL Injection / SQL Injection ...

http://cxsecurity.com/issue/WLB-2013090161


WordPress fGallery_Plus Cross Site Scripting

Topic: WordPress fGallery_Plus Cross Site Scripting Risk: Low Text: # Iranian Exploit DataBase Forum # http://iedb.ir/acc # http://iedb...

http://cxsecurity.com/issue/WLB-2013090160


AspxCommerce 2.0 Shell Upload

Topic: AspxCommerce 2.0 Shell Upload Risk: High Text:# Exploit Title: AspxCommerce v2.0 - Arbitrary File Upload Vulnerability # Exploit Author: SANTHO (@s4n7h0) # Vendor Homepage...

http://cxsecurity.com/issue/WLB-2013090159


H1 2013 Threat Report

Our H1 2013 Threat Report is now online. You'll find it, as well as our previous reports, available for download here. On 24/09/13 at 06:57 AM

http://www.f-secure.com/weblog/archives/00002611.html


Attacks Using Microsoft IE Exploit Tied to Hacking Crew Linked to Bit9 Breach

Security researchers at FireEye have observed a campaign targeting organizations in Japan that is leveraging the Internet Explorer zero-day Microsoft warned users about last week. The campaign has been dubbed Operation DeputyDog, and is believed to have begun as early as August 19. According to FireEye, the attackers behind the operation may be the same ones involved in last year's attack on Bit9, a group researchers at Symantec recently identified as a hacking crew called Hidden Lynx

http://www.securityweek.com/attacks-using-microsoft-ie-exploit-tied-hacking-crew-linked-bit9-breach


D-Link DSL-2740B Router Cross-Site Request Forgery Vulnerability

D-Link DSL-2740B Router Cross-Site Request Forgery Vulnerability

https://secunia.com/advisories/54795


Blog: Exposing the security weaknesses we tend to overlook

http://www.securelist.com/en/blog/8132/Exposing_the_security_weaknesses_we_tend_to_overlook


Cyberwar against Heidiland - Chronicle of an attack

They are trying to destroy evidence. For weeks the IT forensic investigator has been on the trail of hackers who launched one of the largest cyberattacks worldwide. An offensive against military and civilian targets. Against a telecommunications group in Norway, against the car manufacturer Porsche, an international airport in India and political groups in Pakistan.

http://www.sonntagszeitung.ch/wirtschaft/artikel-detailseite/?newsid=262774


"3": Serious security vulnerability allowed access to customer data

Faulty password reset allowed access to, among other things, contact data and voice messages

http://derstandard.at/1379291849554


Unofficial iMessage app for Android raises security concerns

App reportedly routes communication via servers in China - users are warned against using it

http://derstandard.at/1379291880414


TRENDnet Multiple Products libupnp Buffer Overflow Vulnerabilities

TRENDnet Multiple Products libupnp Buffer Overflow Vulnerabilities

https://secunia.com/advisories/54762


[remote] - Raidsonic NAS Devices Unauthenticated Remote Command Execution

Raidsonic NAS Devices Unauthenticated Remote Command Execution

http://www.exploit-db.com/exploits/28508


[local] - IBM AIX 6.1 / 7.1 - Local root Privilege Escalation

IBM AIX 6.1 / 7.1 - Local root Privilege Escalation

http://www.exploit-db.com/exploits/28507


Tenable SecurityCenter "message" Cross-Site Scripting Vulnerability

Tenable SecurityCenter "message" Cross-Site Scripting Vulnerability

https://secunia.com/advisories/54997


IBM Rational ClearCase / ClearQuest GSKit Information Disclosure Weakness

IBM Rational ClearCase / ClearQuest GSKit Information Disclosure Weakness

https://secunia.com/advisories/54928


7 Characteristics of a Secure Mobile App

Keeping a mobile application secure is tough, but not impossible, and certain aspects of session management can go a long way in helping.

http://www.csoonline.com/article/740266/7-characteristics-of-a-secure-mobile-app?source=rss_application_security