End-of-Shift report
Timeframe: Friday 27-09-2013 18:00 - Monday 30-09-2013 18:00
Handler: Robert Waldner
Co-Handler: n/a
IBM WebSphere DataPower XC10 unauthorized access
An unspecified vulnerability in IBM WebSphere DataPower could allow unauthenticated access to administrative operations and data.
http://xforce.iss.net/xforce/xfdb/87299
Security Bulletin: Multiple security vulnerabilities exist in IBM InfoSphere Information Server (CVE-2013-0585, CVE-2013-3034, CVE-2013-3040 and CVE-2013-0599)
CVE(s): CVE-2013-0585, CVE-2013-3034, CVE-2013-3040 and CVE-2013-0599
Affected product(s) and affected version(s): IBM InfoSphere Information Server versions 8.1, 8.5, 8.7, 9.1.0 and 9.1.2 running on all platforms
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_multiple_security_vulnerabilities_exist_in_ibm_infosphere_information_server_cve_2013_0585_cve_2013_3034_cve_2013_3040_and_cve_2013_05992?lang=en_us
Security Bulletin: Vulnerability in IBM Rational ClearQuest Web Client with potential for JSON Hijacking Attack (CVE-2013-3041)
A JSON Hijacking Attack vulnerability exists in IBM Rational ClearQuest Web Client.
CVE(s): CVE-2013-3041
Affected product(s) and affected version(s): Upgrade to IBM Rational ClearQuest version 7.1.2.12, 8.0.0.8, or 8.0.1.1
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg21648086
X-Force Database: http://xforce.iss.net/xforce/xfdb/84724
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_vulnerability_in_ibm_rational_clearquest_web_client_with_potential_for_json_hijacking_attack_cve_2013_3041?lang=en_us
Security Bulletin: Vulnerability in IBM Rational ClearQuest Web Client with potential for Cross-Site Request Forgery (CVE-2013-0598)
A Cross-Site Request Forgery (CSRF) Attack vulnerability exists in IBM Rational ClearQuest Web Client.
CVE(s): CVE-2013-0598
Affected product(s) and affected version(s): Rational ClearQuest Web v7.1 through 7.1.2.10, v8.0 through 8.0.0.7, and v8.0.1
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg21648665
X-Force Database: http://xforce.iss.net/xforce/xfdb/83611
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_vulnerability_in_ibm_rational_clearquest_web_client_with_potential_for_cross_site_request_forgery_cve_2013_0598?lang=en_us
Security Bulletin: Multiple JRE vulnerabilities addressed in IBM Sterling Secure Proxy (CVE-2013-0440, CVE-2013-0443, CVE-2013-0169)
The IBM JRE embedded in the IBM Sterling Secure Proxy Configuration Manager has security vulnerabilities that affect SSL connections to the configuration GUI.
CVE(s): CVE-2013-0440, CVE-2013-0443, and CVE-2013-0169
Affected product(s) and affected version(s): Sterling Secure Proxy 3.4.1, Sterling Secure Proxy 3.4.0, Sterling Secure Proxy 3.3.01
Refer to the following reference URLs for remediation and additional vulnerability details:
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_multiple_jre_vulnerabilities_addressed_in_ibm_sterling_secure_proxy_cve_2013_0440_cve_2013_0443_cve_2013_0169?lang=en_us
As Hurricane Season Looms, It's Disaster-Preparedness Time
Nerval's Lobster writes "In 2012, hurricane Sandy smacked the East Coast and did significant damage to New Jersey, New York City, and other areas. Flooding knocked many datacenters in Manhattan offline, temporarily taking down a whole lot of websites in the process. Now that fall (and the tail end of hurricane season) is upon us again, any number of datacenters and IT companies are probably looking over their disaster-preparedness checklists in case another storm comes barreling through."
http://rss.slashdot.org/~r/Slashdot/slashdot/~3/fMCJ586KPYE/story01.htm
Internet Ombudsman warns of online shop trap
The Austrian Internet Ombudsman warns of the company Factory Store OHG, which allegedly lures customers into a trap with cheap offers.
http://www.heise.de/security/meldung/Internet-Ombudsmann-warnt-vor-Onlineshop-Falle-1969291.html
Secured BlackBerrys approved in Germany
A BlackBerry model secured by the Düsseldorf-based provider Secusmart has been approved in Germany for official use in government agencies.
http://futurezone.at/digital-life/gesicherte-blackberrys-in-deutschland-zugelassen/28.955.419
ReadMore CMS Multiple Vulnerability
Risk: Medium
http://cxsecurity.com/issue/WLB-2013090190
Metasploit creator seeks crowd's help for vuln scanning
Project Sonar combines tools, data and research. Security outfit Rapid7 has decided that there's just too much security vulnerability information out there for any one group to handle, so its solution is to try and crowd-source the effort.…
http://go.theregister.com/feed/www.theregister.co.uk/2013/09/30/hd_more_seeks_crowd_help_for_vuln_scanning/
The Ghost in the (Portable) Machine: Securing Mobile Banking
Online banking is one of the many tasks that have been made more convenient by mobile technology. Now, users can purchase products and/or services, pay their bills and manage their finances from anywhere, at any time. However, there are threats against mobile banking that need to be addressed and secured against. Some of these threats […]
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/ftep24zpfWE/
WordPress 3.7 Beta 1 promises more security
The WordPress project has decided to shorten the release cycle for version 3.7 and has already published the first beta version. WordPress 3.7 Beta 1 above all brings several new features intended to improve the security of the blog software.
http://www.heise.de/newsticker/meldung/Wordpress-3-7-Beta-1-verspricht-mehr-Sicherheit-1969473.html
Bugtraq: [IBliss Security Advisory] Cross-site scripting ( XSS ) in PHP IDNA Convert
PHP Net_IDNA is a class to convert between the Punycode and Unicode formats. Punycode is a standard described in RFC 3492 and part of IDNA (Internationalizing Domain Names in Applications [RFC3490]). This class allows PHP scripts to convert these domain names without having one of the PHP extensions installed. It supports both IDNA 2003 and IDNA 2008.
http://www.securityfocus.com/archive/1/528934
Security of SHA-3 allegedly reduced
Researchers accuse NIST of making the SHA-3 algorithm Keccak less secure through modifications made for standardization. Secure hash functions are needed in particular for digital signatures and software integrity checks.
http://www.heise.de/newsticker/meldung/Kryptographie-NIST-will-angeblich-Sicherheit-von-SHA-3-schmaelern-1969456.html
Emerson Multiple Products Security Issue and Arbitrary Code Execution Vulnerability
https://secunia.com/advisories/54936
Needle in a Haystack: Detecting Zero-Day Attacks
People often ask me what differentiates FireEye from its rivals. The real question is "What should I look for in a solution to advanced persistent threats, regardless of the provider?" (And while I can rattle off a long list of …
http://www.fireeye.com/blog/corporate/2013/09/needle-in-a-haystack-detecting-zero-day-attacks.html
7 Sneak Attacks Used By Today's Most Devious Hackers
Here are some of the latest techniques of note that have piqued my interest as a security researcher and the lessons learned. Some stand on the shoulders of past malicious innovators, but all are very much in vogue today as ways to rip off even the savviest users.
http://www.cio.com/article/740598/7_Sneak_Attacks_Used_By_Today_s_Most_Devious_Hackers?taxonomyId=3089
Apache Camel Simple Language Expression Arbitrary Code Execution Vulnerability
A vulnerability has been reported in Apache Camel, which can be exploited by malicious users to compromise an application using the framework.
https://secunia.com/advisories/54888