Daily Summary - Friday 14-11-2014

End-of-Shift report

Timeframe: Thursday 13-11-2014 18:00 − Friday 14-11-2014 18:00 Handler: Alexander Riepl Co-Handler: n/a

Network Hijackers Exploit Technical Loophole

Spammers have been working methodically to hijack large chunks of Internet real estate by exploiting a technical and bureaucratic loophole in the way that various regions of the globe keep track of the world's Internet address ranges.

http://krebsonsecurity.com/2014/11/network-hijackers-exploit-technical-loophole/


BASHLITE Affects Devices Running on BusyBox

When news of the Shellshock vulnerability broke out at the end of September, we spotted several attacks that leveraged the said vulnerability, thus manifesting the prevalence or even evolution on how attackers used the ..

http://blog.trendmicro.com/trendlabs-security-intelligence/bashlite-affects-devices-running-on-busybox/


OnionDuke: APT Attacks Via the Tor Network

Recently, research was published identifying a Tor exit node, located in Russia, that was consistently and maliciously modifying any uncompressed Windows executables downloaded through it. Naturally this piqued our interest, so we decided to peer down the rabbit hole. Suffice to say, the hole was a lot deeper than we expected! In fact, it went all the way ..

http://www.f-secure.com/weblog/archives/00002764.html


The Art of Website Malware Removal - The Basics

When talking about defense against malicious hacks, the attack vector is a common topic for Information Security (InfoSec) professionals. The primary concern is to understand the anatomy of the attack and prevent it from happening ..

http://blog.sucuri.net/2014/11/the-art-of-website-malware-removal-the-basics.html


Android 5: Lollipop Encrypts - Even Better

More security for personal data: starting with Android 5.0, Google enables automatic encryption. It is just one of many additional security features in Lollipop.

http://www.golem.de/news/android-5-lollipop-verschluesselt-noch-besser-1411-110547.html


Fake iOS Apps: Apple Is Not Aware of Any Attacks

After a warning about hacker attacks using fake iOS apps, Apple sees no urgent need for action. "We are not aware of any customers who have been affected by such an attack," the company told ..

http://www.heise.de/security/meldung/Gefaelschte-iOS-Apps-Apple-sind-keine-Angriffe-bekannt-2457188.html


Son of Stuxnet - The Digital Hunt for Duqu, a Dangerous and Cunning U.S.-Israeli Spy Virus

Boldizsar Bencsath took a bite from his sandwich and stared at his computer screen. The software he was trying to install on his machine was taking forever to load, and he still had a dozen things to do before the Fall 2011 semester began at the Budapest University of Technology and Economics, where ..

https://firstlook.org/theintercept/2014/11/12/stuxnet/


Android and iPhone Felled at Mobile Pwn2Own

All three major mobile operating systems fell victim to successful hacks at this year's mobile edition of HP's Pwn2Own contest. The attack on Windows Phone, however, is still rather harmless by comparison.

http://www.heise.de/security/meldung/Android-und-iPhone-beim-Mobile-Pwn2Own-gefaellt-2457183.html


SChannel Update and Experimental Vulnerability Scanner (MS14-066), (Fri, Nov 14th)

Just a quick update on the SChannel problem (MS14-066, CVE-2014-6321). So far, there is still no publicly available exploit for the vulnerability, and details are still sparse. But apparently, there is some progress in developing a ..

https://isc.sans.edu/diary.html?storyid=18953