Daily Summary - Wednesday 19-02-2014

End-of-Shift report

Timeframe: Tuesday 18-02-2014 18:00 − Wednesday 19-02-2014 18:00 Handler: Alexander Riepl Co-Handler: Christian Wojner

Time to Harden Your Hardware?

Most Internet users are familiar with the concept of updating software that resides on their computers. But this past week has seen alerts about an unusual number of vulnerabilities and attacks against some important and ubiquitous hardware devices, from consumer-grade Internet routers, data storage and home automation products to enterprise-class security solutions.

http://krebsonsecurity.com/2014/02/time-to-harden-your-hardware/


2013 DataBreach Report By Risk Based Security

Today Riskbasedsecurity.com has announced a report that covers the 2013 period for data breaches of all kinds.

http://www.cyberwarnews.info/2014/02/19/2013-databreach-report-by-risk-based-security/


Let's Talk About Your Security Breach with Metasploit. Literally. In Real Time.

During a recent business trip in Boston, Tod and I sat down in a bar with the rest of the Metasploit team, and shared our own random alcohol-driven ideas on Metasploit hacking. At one point we started talking about hacking webcams. At that time Metasploit could only list webcams, take a snapshot, stream (without sound), or record audio using a meterpreter...

https://community.rapid7.com/community/metasploit/blog/2014/02/18/lets-talk-about-your-security-breach-with-metasploit-literally


300,000 Usernames, Passwords Posted to Pastebin

More than 300,000 credentials were posted on the clipboard website Pastebin.com in the year 2013 alone according to a recent analysis by a Swiss security firm.

http://threatpost.com/300000-usernames-passwords-posted-to-pastebin/104333


Smartphones and Tablets: Exploit Code for 14-Month-Old Android Security Hole

Exploit code for the Metasploit framework has been published for an Android vulnerability that has been known for 14 months. A security researcher criticizes that most Android devices in circulation have the vulnerability.

http://www.golem.de/news/smartphones-und-tablets-exploit-code-fuer-14-monate-altes-android-sicherheitsloch-1402-104652-rss.html


Detected new Zeus variant which makes use of steganography

Security experts at Malwarebytes detected a new variant of the popular Zeus banking trojan which makes use of steganography to hide the configuration file.

http://securityaffairs.co/wordpress/22334/malware/zeus-banking-malware-nestles-crucial-file-photo.html


Hack Against AVM Routers: AVM Publishes List of Affected Fritzboxes

After much back and forth, AVM has now published a list of all Fritzboxes that documents their exact security status. For two of the affected devices no update is available yet, and some questions remain open.

http://www.heise.de/security/meldung/Hack-gegen-AVM-Router-AVM-veroeffentlicht-Liste-betroffener-Fritzboxen-2118070.html


Admin rights key to mitigating vulnerabilities, study shows

It's been best practice for a very long time: all users and processes should run with the fewest privileges necessary. This limits the damage that can be done by an attacker if the user or process is compromised.

http://www.zdnet.com/admin-rights-key-to-mitigating-vulnerabilities-study-shows-7000026428/


Second Group Seen Using IE 10 Zero Day

There are at least two different groups running attacks exploiting the recently published zero day vulnerability in Internet Explorer 10, and researchers say one of the groups used the bug to impersonate a French aerospace manufacturer and compromise victims visiting the spoofed Web page. The attackers also used a special feature of ..

http://threatpost.com/second-group-seen-using-ie-10-zero-day/104344


Security Bulletins: SSL Certificate Validation Vulnerability in the Citrix ShareFile Mobile Application for Android and the Citrix ShareFile Mobile for Tablets Application for Android

http://support.citrix.com/article/CTX140303


MediaWiki Thumb.php Remote Command Execution

http://cxsecurity.com/issue/WLB-2014020153


Ruby on Rails Multiple Vulnerabilities

https://secunia.com/advisories/56964