End-of-Shift report
Timeframe: Donnerstag 24-04-2014 18:00 − Freitag 25-04-2014 18:00
Handler: Stephan Richter
Co-Handler: n/a
Number of Sites Vulnerable to Heartbleed Plunges by Two-Thirds
Two weeks ago, we talked about how many sites in the top 1 million domains (as judged by Alexa) were vulnerable to the Heartbleed SSL vulnerability. How do things stand today? Figure 1. Sites vulnerable to Heartbleed as of April 22 Globally, the percentage of sites that is vulnerable to Heartbleed has fallen by two-thirds,...
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/qyKz0tQVjAY/
Fareit trojan observed spreading Necurs, Zbot and CryptoLocker
The Necurs and Zbot trojans, as well as CryptoLocker ransomware, has been observed by researchers as being spread through another trojan, known as Fareit.
http://feedproxy.google.com/~r/SCMagazineHome/~3/XrcbQ8kwwQo/
It's Insanely Easy to Hack Hospital Equipment
When Scott Erven was given free reign to roam through all of the medical equipment used at a chain of large midwest health care facilities, he knew he would find security problems with the systems -- but he wasnt prepared for just how bad it would be.
http://feeds.wired.com/c/35185/f/661467/s/39be98e1/sc/36/l/0L0Swired0N0C20A140C0A40Chospital0Eequipment0Evulnerable0C/story01.htm
Update für Windows 7 außer der Reihe
Windows-7-Nutzer bekommen von der Update-Funktion derzeit ein Update mit der Nummer 2952664 angeboten. Irritierend daran: Es erscheint außer der Reihe und Microsoft verrät auch nicht, welche Probleme das Update genau behebt.
http://www.heise.de/newsticker/meldung/Update-fuer-Windows-7-ausser-der-Reihe-2177165.html
Acunetix 8 Scanner Buffer overflow
Topic: Acunetix 8 Scanner Buffer overflow Risk: High Text:#!/usr/bin/python # Title: Acunetix Web Vulnerability Scanner Buffer Overflow Exploit # Version: 8 # Build: 20120704 # Test...
http://cxsecurity.com/issue/WLB-2014040162
Security Notice-Statement on Patch Bypassing of Apache Struts2
http://www.huawei.com/en/security/psirt/security-bulletins/security-notices/hw-333420.htm
Hitachi Multiple Products OpenSSL TLS/DTLS Heartbeat Two Information Disclosure Vulnerabilities
https://secunia.com/advisories/58022
Global Technology Associates GB-OS OpenSSL TLS/DTLS Heartbeat Two Information Disclosure Vulnerabilities
https://secunia.com/advisories/58007
Certec atvise scada OpenSSL Heartbleed Vulnerability
Researcher Bob Radvanovsky of Infracritical has notified NCCIC/ICS-CERT that Certec has released new libraries that mitigate the OpenSSL Heartbleed vulnerability in atvise scada.This vulnerability could be exploited remotely. Exploits that target the OpenSSL Heartbleed vulnerability are known to be publicly available.
http://ics-cert.us-cert.gov/advisories/ICSA-14-114-01
Siemens SIMATIC S7-1200 CPU Web Vulnerabilities
Siemens ProductCERT and Ralf Spenneberg, Hendrik Schwartke, and Maik Brüggemann from OpenSource Training have reported two vulnerabilities in the Siemens SIMATIC S7-1200 CPU family. Siemens has produced a new product release that mitigates these vulnerabilities.
http://ics-cert.us-cert.gov/advisories/ICSA-14-114-02
InduSoft Web Studio Directory Traversal Vulnerability
This advisory was originally posted to the US-CERT secure Portal library on April 17, 2014, and is now being released to the NCCIC/ICS-CERT web site.
http://ics-cert.us-cert.gov/advisories/ICSA-14-107-02
Festo CECX-X-(C1/M1) Controller Vulnerabilities
K. Reid Wightman of IOActive, Inc. has identified vulnerabilities in Festo’s CECX-X-C1 and CECX-X-M1 controllers. Festo has decided not to resolve these vulnerabilities because of compatibility reasons with existing engineering tools. This places critical infrastructure asset owners using this product at risk. This advisory is being published to alert critical infrastructure asset owners of the risk of using this equipment and for them to increase compensating measures if possible.
http://ics-cert.us-cert.gov/advisories/ICSA-14-084-01
Oracle Solaris ntpd Query Function Lets Remote Users Conduct Amplified Denial of Service Attacks
http://www.securitytracker.com/id/1030142
Synology DiskStation Manager cUrl Connection Re-use and Certificate Verification Security Issues
https://secunia.com/advisories/58145
SSA-635659 (Last Update 2014-04-25): Heartbleed Vulnerability in Siemens Industrial Products
https://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-635659.pdf
Halon Security Router Multiple Vulnerabilities
https://secunia.com/advisories/57507
HP Security Bulletins
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04262495
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04262472
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03822422
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04263038
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04264271
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04262670