Daily Summary - Wednesday 8-01-2014

End-of-Shift report

Timeframe: Tuesday 07-01-2014 18:00 − Wednesday 08-01-2014 18:00 Handler: Alexander Riepl Co-Handler: Stephan Richter

64-bit ZBOT Leverages Tor, Improves Evasion Techniques

Reports have surfaced that ZeuS/ZBOT, the notorious online banking malware, is now targeting 64-bit systems. During our own investigation, we have confirmed that several ZBOT 32-bit samples (detected as TSPY_ZBOT.AAMV) do have an embedded 64-bit version (detected as TSPY64_ZBOT.AANP). However, our investigation also led us to confirm other noteworthy routines of the malware, including its...

http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/RjjdkzMleq4/


Malicious Ads on DailyMotion Redirect to Fake AV Attack

Popular video-sharing site DailyMotion is serving malicious ads that redirect site visitors to domains hosting Fake AV malware, security firm Invincea reports.

http://threatpost.com/malicious-ads-on-dailymotion-redirect-to-fake-av-attack/103494


Break-in at the openSUSE Forums

The public openSUSE forums have fallen victim to an attack and are currently shut down.

http://www.heise.de/security/meldung/Einbruch-in-die-Opensuse-Foren-2078128.html


Yahoo Mail: Encryption Finally Becomes the Default

All communication with the webmail service is now secured via HTTPS - but no Perfect Forward Secrecy

http://derstandard.at/1388650341295


Satellite Links for Remote Networks May Pose Soft Target for Attackers

Land-based terminals that send data to satellites may pose a soft target for hackers, an analysis from a computer security firm shows. VSATs, an abbreviation for "very small aperture terminals," supply Internet access to remote locations, enabling companies to transmit data from an isolated network to an organization's main one. The devices are used in a variety of industries, including energy, financial services and defense.

http://www.cio.com/article/745580/Satellite_Links_for_Remote_Networks_May_Pose_Soft_Target_for_Attackers


Linux Kernel, Font Bugs Fixed in Ubuntu

A huge number of security vulnerabilities have been fixed in Ubuntu, including a remotely exploitable font flaw that an attacker could use to run arbitrary code on vulnerable machines. A number of Linux kernel flaws also were patched in some versions of the operating system. The font vulnerability affects five different versions of Ubuntu, including...

http://threatpost.com/linux-kernel-font-bugs-fixed-in-ubuntu/103500


VU#487078: QNAP QTS path traversal vulnerability

Vulnerability Note VU#487078 QNAP QTS path traversal vulnerability Original Release date: 08 Jan 2014 | Last revised: 08 Jan 2014 Overview QNAP QTS 4.0.3 and possibly earlier versions contain a path traversal vulnerability. Description CWE-22: Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) - CVE-2013-7174 QNAP QTS is a Network-Attached Storage (NAS) system accessible via a web interface. QNAP QTS 4.0.3 and possibly earlier versions contain a path traversal...

http://www.kb.cert.org/vuls/id/487078


Vuln: Cisco Unified Communications Manager Unauthorized Access Vulnerability

http://www.securityfocus.com/bid/64690


HP 2620 Switch Series Cross-Site Request Forgery Vulnerability

https://secunia.com/advisories/56290