End-of-Shift report
Timeframe: Wednesday 12-02-2014 18:00 − Thursday 13-02-2014 18:00
Handler: Stephan Richter
Co-Handler: n/a
In the wild: Phony SSL certificates impersonating Google, Facebook, and iTunes
Bogus credentials may be enough to ensnare some smartphone apps, researchers say.
http://feeds.arstechnica.com/~r/arstechnica/security/~3/_AvaaGHbDLo/story01.htm
Gameover Zeus most active banking trojan in 2013, researchers report
The most active banking trojan of 2013 was the Gameover variant of Zeus, according to the latest research by the experts with the Dell SecureWorks Counter Threat Unit.
http://www.scmagazine.com/gameover-zeus-most-active-banking-trojan-in-2013-researchers-report/article/333795/
Decoding Domain Generation Algorithms (DGAs) - Part I
Part 1 - Unpacking the binary to properly view it in IDA Pro
http://vrt-blog.snort.org/2014/02/decoding-domain-generation-algorithms.html
Weekly Metasploit Update: Android WebView Exploit, Clipboard Monitor, and Mass Checks
https://community.rapid7.com/community/metasploit/blog/2014/02/13/weekly-metasploit-update
TYPO3: Several vulnerabilities in third party extensions
Several vulnerabilities have been found in the following third-party TYPO3 extensions: alpha_sitemap, femanager, ke_stats, outstats, px_phpids, smarty, wec_map
http://typo3.org/news/article/several-vulnerabilities-in-third-party-extensions/
python-gnupg Command Injection Vulnerabilities
https://secunia.com/advisories/56616
Security Bulletin: Multiple vulnerabilities in current IBM SDK for Java for WebSphere Application Server January 2014 CPU
Multiple security vulnerabilities exist in the IBM SDK for Java that is shipped with IBM WebSphere Application Server. CVE(s): CVE-2014-0411. Affected product(s) and affected version(s): SDK shipped with IBM WebSphere Application Server Version 8.5.0.0 through 8.5.5.1, Version 8.0.0.0 through 8.0.0.8, Version 7.0.0.0 through 7.0.0.31, Version 6.1.0.0 through 6.1.0.47. Refer to the following reference URLs for remediation and additional vulnerability details.
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_multiple_vulnerabilities_in_current_ibm_sdk_for_java_for_websphere_application_server_january_2014_cpu?lang=en_us
Drupal - Vulnerabilities in third-party Contributions
https://drupal.org/node/2194135
https://drupal.org/node/2194589
https://drupal.org/node/2194621
https://drupal.org/node/2194639
https://drupal.org/node/2194655
https://drupal.org/node/2194671
https://drupal.org/node/2194809
https://drupal.org/node/2194877
SAP NetWeaver Multiple Vulnerabilities
https://secunia.com/advisories/56947
Juniper Networks - 2014-02 Security Threat Response Manager: Multiple vulnerabilities
Product Affected: STRM series devices and virtual machines with STRM software releases: 2010.0, 2012.0, 2012.1, 2013.1, 2013.2
http://kb.juniper.net/InfoCenter/index/content&id=JSA10614