End-of-Shift report
Timeframe: Freitag 25-04-2014 18:00 − Montag 28-04-2014 18:00
Handler: Robert Waldner
Co-Handler: n/a
Using Facebook Notes to DDoS any website
Facebook Notes allows users to include tags. Whenever a tag is used, Facebook crawls the image from the external server and caches it. Facebook will only cache the image once however using random get parameters the cache can be by-passed and the feature can be abused to cause a huge HTTP GET flood.
http://chr13.com/2014/04/20/using-facebook-notes-to-ddos-any-website/
Mozilla entschlackt Zertifkats-Überprüfung
Statt 81.865 sind jetzt nur noch 4167 Zeilen Code zum überprüfen von SSL-Zertifikaten nötig. Wer Sicherheitslücken in darin findet, erhält einen üppigen Finderlohn.
http://www.heise.de/security/meldung/Mozilla-entschlackt-Zertifkats-Ueberpruefung-2177285.html
Examining the Heartbleed-based FUD thats pitched to the public
The Heartbleed vulnerability has created a massive news cycle, and generated technical risk-based discussions that might actually do some good. But some of these discussions boggle the mind, spreading misinformation in order to generate clicks or sales.When security issues hit the mass media, such as Heartbleed, there is a good deal of Fear, Uncertainty, and Doubt - better known as FUD - that gets promoted on the airwaves and in print.
http://www.csoonline.com/article/2148461/application-security/examining-the-heartbleed-based-fud-thats-pitched-to-the-public.html#tk.rss_applicationsecurity
Sicherheitslücke bei Messaging-App Viber aufgedeckt
Bilder, Videos und Standortdaten, die man mit der Messaging-App Viber übermittelt, werden unverschlüsselt auf Servern gespeichert. Der Zugang dazu ist äußerst einfach.
http://futurezone.at/digital-life/sicherheitsluecke-bei-messaging-app-viber-aufgedeckt/62.729.710
Microsoft Warns of Attacks on IE Zero-Day
Microsoft is warning Internet Explorer users about active attacks that attempt to exploit a previously unknown security flaw in every supported version of IE. The vulnerability could be used to silently install malicious software without any help from users, save for perhaps merely browsing to a hacked or malicious site.
http://feedproxy.google.com/~r/KrebsOnSecurity/~3/PUm3t0AZZzc/
Neue Internet-Explorer-Lücke wird zum Ernstfall für Windows XP
Wird bereits aktiv ausgenutzt - Kein Update mehr für XP, andere Betriebssystemversion derzeit ebenfalls noch ungeschützt
http://derstandard.at/1397521804143
Biggest EU cyber security exercise to date: Cyber Europe 2014 taking place today
Today, 28 April 2014, European countries kick off the Cyber Europe 2014 (CE2014). CE2014 is a highly sophisticated cyber exercise, involving more than 600 security actors across Europe.
http://www.enisa.europa.eu/media/press-releases/biggest-eu-cyber-security-exercise-to-date-cyber-europe-2014-taking-place-today
Cisco IOS XE Software Malformed L2TP Packet Vulnerability
A vulnerability in the Layer 2 Tunneling Protocol (L2TP) module of Cisco IOS XE on Cisco ASR 1000 Series Routers could allow an authenticated, remote attacker to cause a reload of the processing ESP card.
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2183
Security updates available for Adobe Flash Player (APSB14-13)
A Security Bulletin (APSB14-13) has been published regarding security updates for Adobe Flash Player. These updates address a critical vulnerability, and Adobe recommends users update their product installations to the latest versions
http://blogs.adobe.com/psirt/?p=1093