Daily Summary - Wednesday 29-01-2014

End-of-Shift report

Timeframe: Tuesday 28-01-2014 18:00 − Wednesday 29-01-2014 18:00 Handler: Stephan Richter Co-Handler: n/a

Introducing ModSecurity Status Reporting

The Trustwave SpiderLabs Research team is committed to making ModSecurity the best open source WAF possible. To this end, we have deployed Buildbot platforms and revamped regression tests for our different ports to ensure code quality and reliability. But we want to take it even further. The question is, how else can we improve ModSecurity development and support? To best answer that question, we need some basic insight into the ModSecurity user community: How many ModSecurity deployments are...

http://blog.spiderlabs.com/2014/01/introducing-modsecurity-status-reporting.html


Defending Against Tor-Using Malware, Part 1

In the past few months, the Tor anonymity service has been in the news for various reasons. Perhaps most infamously, it was used by the now-shuttered Silk Road underground marketplace. We delved into the topic of the Deep Web in a white paper titled Deepweb and Cybercrime. In our 2014 predictions, we noted that cybercriminals would go deeper...

http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/F4F76IP9KP8/


Eyeing SpyEye

Earlier this week, it was announced by the United States Department of Justice that the creator of the notorious SpyEye banking malware, Aleksandr Andreevich Panin (also known as Gribodemon or Harderman), had pleaded guilty before a federal court to charges related to creating and distributing SpyEye. Trend Micro was a key part of this investigation...

http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/4eIEz-KJvXo/


This tool demands access to YOUR ENTIRE DIGITAL LIFE. Is it from GCHQ? No - it's by IKEA

Order a flat-pack kitchen, surrender your HDD's contents. If the Target hack - along with all its predecessors - taught us anything, it's that the database isn't the vulnerability. It's the data that's the problem.

http://go.theregister.com/feed/www.theregister.co.uk/2014/01/29/ikea_demands_access_all_areas_for_kitchen_tool/


Botnet exploits vulnerability in old Java versions

Security experts have discovered malware that exploits a Java vulnerability closed months ago in order to build a botnet. The program runs on Windows, Linux and Mac OSX; a remedy is easy to apply.

http://www.heise.de/security/meldung/Botnetz-nutzt-Luecke-in-alten-Java-Versionen-2099839.html


Cisco Network Time Protocol Distributed Reflective Denial of Service Vulnerability

A vulnerability in the Network Time Protocol (NTP) package of several Cisco products could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5211


Cisco Identity Services Engine Cross-Site Scripting Vulnerabilities

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0680
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0681


WordPress WebEngage Plugin Multiple Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities have been discovered in the WebEngage plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

https://secunia.com/advisories/56700