End-of-Shift report
Timeframe: Donnerstag 17-04-2014 18:00 − Freitag 18-04-2014 18:00
Handler: Alexander Riepl
Co-Handler: Stephan Richter
Looking for malicious traffic in electrical SCADA networks - part 2 - solving problems with DNP3 Secure Authentication Version 5, (Thu, Apr 17th)
I received this week a very valuable e-mail from the DNP Technical Committee Chair, Mr. Adrew West, who pointed an excellent observation and its the very slow adoption of DNP3 Secure Authentication Version 5, which is the latest security enhancement for the DNP3 protocol. I want to talk today about this standard and the advantages of adopting it into your DNP3 SCADA system. This standard has two specific objectives: Help DNP3 outstation to determine beyond any reasonable doubt that its...
http://isc.sans.edu/diary.html?storyid=17981&rss
Heartbleed Bug Sends Bandwidth Costs Skyrocketing
The exposure of the Heartbleed vulnerability last week had a number of repercussions, one of which was to set off a mad scramble by companies to revoke the SSL certificates for their domains and services and obtain new ones. The total costs of Heartbleed are yet to be calculated, but CloudFlare has come up with...
http://feeds.wired.com/c/35185/f/661467/s/397cb2f7/sc/5/l/0L0Swired0N0C20A140C0A40Ccost0Eof0Eheartbleed0C/story01.htm
Heartbleed bereitet Anonymisierungsnetzwerk Tor Schwierigkeiten
Rund ein Fünftel der Exit Nodes von OpenSSL-Lücke betroffen - Vorschlag diese aus dem Netz zu werfen...
http://derstandard.at/1397520979826
Mac OS X Trojans display ads
April 16, 2014 Malicious programs designed to generate a profit for intruders by displaying annoying ads are very common, but until recently they have mostly been a nuisance for Windows users. Thats why a few Trojans that were recently examined by Doctor Webs security researchers stand out among such applications...
http://news.drweb.com/show/?i=4352&lng=en&c=9
Heartbleed Update
Adobe has evaluated the Creative Cloud and its related services (including Behance and Digital Publishing Suite), the Marketing Cloud solutions and products (including Analytics, Analytics Premium and Experience Manager), EchoSign, Acrobat.com, the Adobe.com store, and other Adobe services. All Adobe internet-facing services known to have been using a version of OpenSSL containing the Heartbleed vulnerability have been mitigated. We are continuing our analysis of Adobe internet-facing servers to identify and remediate any remaining Heartbleed-related risks.
http://blogs.adobe.com/psirt/?p=1085
Security Advisory-OpenSSL Heartbeat Extension vulnerability (Heartbleed bug) on Huawei multiple products
Some OpenSSL software versions used in multiple Huawei products have the following OpenSSL vulnerability. Unauthorized remote attackers can dump 64 Kbytes of memory of the connected server or client in each attack. The leaked memory may contain sensitive information, such as passwords and private keys (Vulnerability ID: HWPSIRT-2014-0414).
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-332187.htm
McAfee Security Bulletin - OpenSSL Heartbleed vulnerability patched in McAfee products
Several McAfee products are vulnerable to OpenSSL Heartbleed. See the McAfee Product Vulnerability Status lists below for the status of each product.
https://kc.mcafee.com/corporate/index/content&id=SB10071
Nagios Remote Plugin Executor 2.15 Remote Command Execution
Topic: Nagios Remote Plugin Executor 2.15 Remote Command Execution Risk: High Text: - Release date: 17.04.2014 - Discovered by: Dawid Golunski - Severity: High I. VULNER...
http://cxsecurity.com/issue/WLB-2014040126
MariaDB Multiple Vulnerabilities
https://secunia.com/advisories/58106
Debian update for qemu and qemu-kvm
https://secunia.com/advisories/58088
OpenVZ update for kernel
https://secunia.com/advisories/58060