End-of-Shift report
Timeframe: Donnerstag 23-01-2014 18:00 − Freitag 24-01-2014 18:00
Handler: Alexander Riepl
Co-Handler: Stephan Richter
Russische Spione im Tor-Netz enttarnt
Forscher stießen auf 20 Exit Nodes, welche die HTTPS-Verbindungen von Tor-Nutzern aufzubrechen versuchten. Die meisten davon stammen aus Russland.
http://www.heise.de/security/meldung/Russische-Spione-im-Tor-Netz-enttarnt-2094963.html
Bug Exposes IP Cameras, Baby Monitors
A bug in the software that powers a broad array of Webcams, IP surveillance cameras and baby monitors made by Chinese camera giant Foscam allows anyone with access to the devices Internet address to view live and recorded video footage, KrebsOnSecurity has learned.
http://krebsonsecurity.com/2014/01/bug-exposes-ip-cameras-baby-monitors/
"Syrian Electronic Army" attackierten Twitter-Account von CNN
Sender: "Ja, es ist auch uns passiert. CNN-Accounts gehackt"
http://derstandard.at/1389858074081
65.000 E-Mail-Konten bei Salzburg AG gehackt
Bei der Salzburg AG sind die Zugangsdaten von mehr als 65.000 E-Mail- und Internetkonten gehackt worden. Bankdaten seien nicht betroffen, betonte das Unternehmen. Die Hintergründe der Tat sind unklar. User und Kunden üben Kritik.
http://news.orf.at/stories/2215391/
Angebliche Sicherheitslücke in aktuellem Chrome nicht zu finden
Ein Fehler in Googles Browser lässt sich mit der aktuellen Version nicht reproduzieren. Google will die Lücke schon vor Längerem geschlossen haben.
http://www.heise.de/security/meldung/Angebliche-Sicherheitsluecke-in-aktuellem-Chrome-nicht-zu-finden-2096641.html
Malicious links for iOS users
January 23, 2014 Russian anti-virus company Doctor Web is warning iOS device users about a growing number of incidents involving the distribution of links to bogus sites via mobile app advertisements. An iOS user misguided by such fraud can end up subscribed to a pseudo-service and thus lose money from their mobile account. Recently, users of mobile devices running iOS have been encountering advertisements with increasing frequency in the free applications on their smart phones and tablets. Ads
http://news.drweb.com/show/?i=4204&lng=en&c=9
GE Proficy Multiple Vulnerabilities
Researchers amisto0x07 and Z0mb1E of Zero Day Initiative (ZDI) have identified two vulnerabilities in the General Electric (GE) Proficy human-machine interface/supervisory control and data acquisition (HMI/SCADA) - CIMPLICITY application. GE has released security advisories, GEIP13-05 and GEIP13-06, to inform customers about these vulnerabilities.These vulnerabilities could be exploited remotely.
http://ics-cert.us-cert.gov/advisories/ICSA-14-023-01
DSA-2848 mysql-5.5
Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.35. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details.
http://www.debian.org/security/2014/dsa-2848
Bugtraq: [CVE-2014-1607.] Cross Site Scripting(XSS) in Drupal Event calendar module
Reflected cross-site scripting (XSS) vulnerability in Drupal 7.14 EventCalendar Module, found in eventcalendar/year allows remote attackers to inject arbitrary web scripts or HTML after the inproperly sanitizited Year Parameter.
http://www.securityfocus.com/archive/1/530876
Cisco TelePresence Video Communication Server Expressway Default SSL Certificate Vulnerability
A vulnerability in the Cisco TelePresence Video Communication Server (VCS) Expressway could allow an unauthenticated, remote attacker to execute a man-in-the-middle (MITM) attack between one or more affected devices.
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0675