End-of-Shift report
Timeframe: Montag 28-04-2014 18:00 − Dienstag 29-04-2014 18:00
Handler: Robert Waldner
Co-Handler: Alexander Riepl
Update for Vulnerabilities in Adobe Flash Player in Internet Explorer - Version: 23.0
https://technet.microsoft.com/en-us/library/security/2755801
Ubuntu 14.04 lockscreen bypass, (Mon, Apr 28th)
Upgraded to Ubuntu 14.04? Hold down enter to bypass the lockscreen (what is old is new again):
https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308572 …" The reporter indicates that he was running Ubuntu 14.04 with all the packages updated. When the screen is locked with password, if holding ENTER, after some seconds the screen freezes and the lock screen ..
http://isc.sans.edu/diary.html?storyid=18039
Cisco ASA DHCPv6 Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2182
Researchers warn of resurgent Sefnit malware
Botnet returns using new tactics A malware infection which drew headlines January has returned and is using new techniques to infect and spread amongst users.
www.theregister.co.uk/2014/04/29/researchers_warn_of_resurgent_sefnit_malware/
Citrix NetScaler Application Delivery Controller and NetScaler Gateway Multiple Security Updates
A number of security vulnerabilities have been identified in the management component of the Citrix NetScaler Application Delivery Controller ..
http://support.citrix.com/article/CTX140651
Massenhack bei AOL: Millionen Nutzer betroffen
Unbekannte verschaffen sich Zugang zu privaten Informationen - Unternehmen fordert zum ändern des Passworts auf
http://derstandard.at/1397521927406
The FireEye Advanced Threat Report 2013: European Edition
We recently published the 2013 FireEye Advanced Threat Report during RSA Conference, providing a global overview of the advanced attacks that FireEye discovered last year. We are now drilling that global analysis down into the European threat ..
http://www.fireeye.com/blog/corporate/2014/04/the-fireeye-advanced-threat-report-2013-european-edition.html
Cybercriminals Take Advantage Of Heartbleed With Spam
Since news about Heartbleed broke out earlier this month, the Internet has been full of updates, opinions and details about the vulnerability, with personalities ranging from security experts to celebrities talking about it. Being as opportunistic as they are, cybercriminals have taken notice of this and ..
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/RKpGQ6-RSA8/
Q1 2014 Mobile Threat Report
Our Mobile Threat Report for Q1 2014 is out! Heres a couple of the things we cover in it:The vast majority of the new threats found was on Android (no surprise there), which accounted for 275 out of 277 new families we saw in this period, leaving 1 new malware apiece on iOS and Symbian.In Q1, ..
http://www.f-secure.com/weblog/archives/00002699.html
6 free network vulnerability scanners
Vulnerability scanners can help you automate security auditing and can play a crucial role in your IT security. They can scan your network and websites for up to thousands of different security risks, produce a prioritized list of those you should patch, describe the vulnerabilities, and give steps on how to remediate them. Some can even automate the patching process. While these tools can ..
http://www.csoonline.com/article/2148841/data-protection/6-free-network-vulnerability-scanners.html#tk.rss_applicationsecurity
Hashcat-Utils v1.0 Released
Hashcat-utils are a set of small utilities that are useful in advanced password cracking. They all are packed into multiple stand-alone binaries. All of these utils are designed to execute only one specific function. Since they all work with STDIN and STDOUT you can group them into chains. The programs are available for Linux and Windows on both 32 bit and 64 bit architectures. The programs are also available as open source.
http://www.toolswatch.org/2014/04/hashcat-utils-v1-0-released/