Daily summary - Tuesday 15-04-2014

End-of-Shift report

Timeframe: Monday 14-04-2014 18:00 - Tuesday 15-04-2014 18:00
Handler: Robert Waldner
Co-Handler: Alexander Riepl

Barracuda Multiple Products OpenSSL TLS/DTLS Heartbeat Two Information Disclosure Vulnerabilities

https://secunia.com/advisories/57869


DSA-2903 strongswan

http://www.debian.org/security/2014/dsa-2903


Occupy Your Icons Silently on Android

FireEye mobile security researchers have discovered a new Android security issue: a malicious app with normal protection level permissions can probe icons on the Android home screen and modify them to point to phishing ..

http://www.fireeye.com/blog/uncategorized/2014/04/occupy_your_icons_silently_on_android.html


From the Trenches: AV Evasion With Dynamic Payload Generation

https://community.rapid7.com/community/metasploit/blog/2014/04/14/from-the-trenches-av-evasion-with-dynamic-payload-generation


Critical Patch Update - April 2014 - Pre-Release Announcement

http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html


First Phase of TrueCrypt Audit Turns Up No Backdoors

An initial audit of the popular open source encryption software TrueCrypt turned up fewer than a dozen vulnerabilities, none of which so far point toward a backdoor surreptitiously inserted into the codebase. A report on the first phase of the audit was released ..

http://beta.slashdot.org/story/200749


Microsoft Confirms It Is Dropping Windows 8.1 Support

A Microsoft TechNet blog post makes clear that Windows 8.1 will not be patched, and that users must get Windows 8.1 Update if they want security patches, InfoWorld's Woody Leonhard reports. In what is surely the most customer-antagonistic move of the new Windows regime, Steve Thomas at Microsoft posted a TechNet article on Saturday stating categorically that Microsoft will ..

http://tech.slashdot.org/story/14/04/15/0053213/microsoft-confirms-it-is-dropping-windows-81-support


VMware reveals 27-patch Heartbleed fix plan

Go buy your vSysadmins a big choccy egg: their Easter is in peril. VMware has confirmed that 27 of its products need patches for the Heartbleed bug.

http://www.theregister.co.uk/2014/04/15/vmware_reveals_27patch_heartbleed_fix_plan/


Cyberwar documentary "netwars / out of CTRL": web documentary at heise

In parallel with the Arte documentary, heise online presents the first part of the innovative multimedia documentary on cyberwar. You decide for yourself whether you would rather see, for example, details on Stuxnet or a commentary by star hacker FX.

http://www.heise.de/newsticker/meldung/Cyberwar-Doku-netwars-out-of-CTRL-Webdoc-bei-heise-2170122.html


Samsung Galaxy S5: fingerprint sensor already hacked too

Using a fake fingertip originally made for the iPhone 5S, Ben Schlabs fooled the lock screen of Samsung's new flagship. He was then even able to transfer money with it.

http://www.heise.de/security/meldung/Samsung-Galaxy-S5-Fingerabdrucksensor-auch-schon-gehackt-2170192.html


SSA-364879 (Last Update 2014-04-15): Vulnerabilities in SINEMA Server

https://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-364879.pdf


SSA-654382 (Last Update 2014-04-15): Vulnerabilities in SIMATIC S7-1200 CPU

https://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-654382.pdf


Akamai Withdraws Proposed Heartbleed Patch

As researchers demonstrate OpenSSL bug exploits that retrieve private keys, Akamai rescinds a patch suggestion for the SSL/TLS library after a security researcher punches holes in it.

http://www.darkreading.com/application-security/akamai-withdraws-proposed-heartbleed-patch/d/d-id/1204443
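Several entries in this summary (Barracuda, VMware, Akamai, Synology) concern the same OpenSSL heartbeat bug. The following is an added example, not code from OpenSSL, Akamai or any of the linked advisories: a deliberately small C model of the TLS heartbeat handler with the missing bounds check beside the corrected one. The "process memory" buffer, the record inside it and the secret placed after it are constructed here; the record layout follows RFC 6520 (1 byte type, 2 byte payload_length, payload, at least 16 bytes padding), and the check in the fixed handler mirrors the one added in OpenSSL 1.0.1g (claimed payload plus header and padding must fit inside the received record).

```c
/* Added example: model of the TLS heartbeat over-read (CVE-2014-0160)
 * and its fix. Not OpenSSL code; all buffers are constructed here. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HB_HDR   3   /* 1 byte type + 2 byte payload_length */
#define HB_PAD  16   /* minimum padding required by RFC 6520 */

/* Constructed "process memory": a heartbeat request whose payload_length
 * claims 32 bytes while only 2 bytes of payload really follow. */
static unsigned char memory[64] = {
    0x01,       /* heartbeat_request */
    0x00, 0x20, /* payload_length = 32 (attacker controlled) */
    'h', 'i'    /* the only real payload bytes */
    /* rest zero: padding, then the secret written by prepare() */
};
static const size_t record_len = HB_HDR + 2 + HB_PAD; /* 21 bytes received */
static const char secret[] = "PRIVATE-KEY-BYTES";     /* adjacent heap data */

static void prepare(void) {
    /* Place secret data directly after the record, like a neighbouring
     * heap chunk holding key material. */
    memcpy(memory + record_len, secret, sizeof secret);
}

/* Vulnerable handler: echoes payload_length bytes without checking that
 * the record actually contains that many. Returns bytes written to out. */
size_t heartbeat_vulnerable(const unsigned char *rec, size_t rec_len,
                            unsigned char *out, size_t out_cap) {
    (void)rec_len;                     /* the bug: record length ignored */
    uint16_t payload = (uint16_t)((rec[1] << 8) | rec[2]);
    if (payload > out_cap) payload = (uint16_t)out_cap; /* keep model in bounds */
    memcpy(out, rec + HB_HDR, payload); /* reads past the real payload */
    return payload;
}

/* Fixed handler: drop the record silently if the claimed payload, header
 * and padding do not fit inside what was received. */
size_t heartbeat_fixed(const unsigned char *rec, size_t rec_len,
                       unsigned char *out, size_t out_cap) {
    if (rec_len < HB_HDR + HB_PAD) return 0;          /* runt record */
    uint16_t payload = (uint16_t)((rec[1] << 8) | rec[2]);
    if ((size_t)HB_HDR + payload + HB_PAD > rec_len) return 0;
    if (payload > out_cap) return 0;
    memcpy(out, rec + HB_HDR, payload);
    return payload;
}

static int contains(const unsigned char *buf, size_t n, const char *needle) {
    size_t m = strlen(needle);
    for (size_t i = 0; i + m <= n; i++)
        if (memcmp(buf + i, needle, m) == 0) return 1;
    return 0;
}

/* 1 if the handler's response carries the secret lying beyond the record. */
int leaks_secret(size_t (*handler)(const unsigned char *, size_t,
                                   unsigned char *, size_t)) {
    unsigned char out[64];
    prepare();
    size_t n = handler(memory, record_len, out, sizeof out);
    return n > 0 && contains(out, n, "PRIVATE-KEY");
}

/* A well-formed request (payload_length matches the record) must still be
 * answered by the fixed handler; returns the echoed length. */
size_t fixed_echo_len_for_valid_record(void) {
    unsigned char rec[HB_HDR + 4 + HB_PAD] = { 0x01, 0x00, 0x04, 'p','i','n','g' };
    unsigned char out[16];
    return heartbeat_fixed(rec, sizeof rec, out, sizeof out);
}

int main(void) {
    printf("vulnerable handler leaks secret: %d\n", leaks_secret(heartbeat_vulnerable));
    printf("fixed handler leaks secret:      %d\n", leaks_secret(heartbeat_fixed));
    printf("fixed handler echoes valid ping: %zu bytes\n", fixed_echo_len_for_valid_record());
    return 0;
}
```

The point the Akamai entry turns on is visible here: the leak is a property of the handler, not of where the key lives, so guarding key storage alone does not stop an over-read that walks into whatever sits next to the record. The only reliable remedy is the length check plus reissuing any key material that may have been exposed.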


(ISC)2 launches cyber forensics credential in Europe

Information and software security professional body (ISC)2 has announced the availability of its Certified Cyber Forensics Professional certification in Europe. Registration for CCFP-EU is now open, with the first exam available on 30 April 2014 at Pearson VUE test centres across the region. The German translation of the exam is to be available from 15 June 2014.

http://www.computerweekly.com/news/2240218864/ISC2-launches-cyber-forensics-credential-in-Europe


BSI warns of fake BSI mails

Fraudsters are abusing the name of the BSI (the German Federal Office for Information Security) for a phishing campaign claiming that the recipient has been caught engaging in "illegal activities". The BSI advises never to open the attachment.

http://www.heise.de/security/meldung/BSI-warnt-vor-BSI-Mails-2170549.html


Hardware Giant LaCie Acknowledges Year-Long Credit Card Breach

Computer hard drive maker LaCie has acknowledged that a hacker break-in at its online store exposed credit card numbers and contact information on customers for the better part of the past ..

http://krebsonsecurity.com/2014/04/hardware-giant-lacie-acknowledges-year-long-credit-card-breach/


Synology cleans up after Heartbleed: password change and updates

After the Heartbleed vulnerability made it possible to access mail addresses and passwords of Synology users, the vendor is now strongly urging its customers to change their passwords. Security updates for Synology NAS devices are also available.

http://www.heise.de/security/meldung/Synology-raeumt-nach-Heartbleed-auf-Passwort-Wechsel-und-Updates-2170759.html


Exploiting CSRF under NoScript Conditions

https://community.rapid7.com/community/metasploit/blog/2014/04/15/exploiting-csrf-without-javascript