Tageszusammenfassung - Donnerstag 15-05-2014

End-of-Shift report

Timeframe: Mittwoch 14-05-2014 18:00 − Donnerstag 15-05-2014 18:00 Handler: Alexander Riepl Co-Handler: Robert Waldner

VOBFUS Evolves, Adds Multiple Languages

VOBFUS malware is known for its polymorphic abilities, which allow for easy generation of new variants. We recently came across one variant that replaces these abilities for one never seen in VOBFUS malware before - the ability to 'speak' ..

http://blog.trendmicro.com/trendlabs-security-intelligence/vobfus-evolves-adds-multiple-languages/

---

Zeus - Reach Expands With New Webinjects

The peer-to-peer version of Zeus was especially busy in the first quarter with infections reported by banks in 10 countries that previously had ..

http://threatpost.com/zeus-reach-expands-with-new-webinjects/106092

---

Blog: Fake antivirus - attack of the clones

http://www.securelist.com/en/blog/8221/Fake_antivirus_attack_of_the_clones

---

Placebo-Virenschutz jetzt auch für Windows Phone

Augen auf beim Virenscanner-Kauf: Auch im Windows-Phone-Store wimmelt es nur so von Apps, die rein gar nichts tun - ausser Geld zu kosten.

http://www.heise.de/security/meldung/Placebo-Virenschutz-jetzt-auch-fuer-Windows-Phone-2190382.html

---

Facebook-Virus schürft verdeckt Kryptomünzen

Der zuerst in Norwegen aufgetauchte Schadcode verbreitet sich über Facebook-Nachrichten und infiziert seine Opfer, wenn diese eine angehängte Datei öffnen. Ist der Schadcode auf dem System, wird dieses deutlich ..

http://www.heise.de/security/meldung/Facebook-Virus-schuerft-verdeckt-Kryptomuenzen-2190556.html

---

Firms must protect against malicious ads

The Senate warned Google, Yahoo and other leading technology companies Thursday they need to better protect consumers from hackers exploiting their lucrative online advertising networks or risk new legislation that would force them to do so.

http://m.apnews.com/ap/db_15897/contentdetail.htm?contentguid=8dJLuw6G

---

Bugtraq: CSRF and Remote Code Execution in EGroupware

http://www.securityfocus.com/archive/1/532103

---

SSA-839231: Incorrect Certificate Verification in Ruggedcom ROX-based Devices

https://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-839231.pdf Multiple vulnerabilities in Juniper products

http://kb.juniper.net/index/content&id=JSA10627 http://kb.juniper.net/index/content&id=JSA10626 http://kb.juniper.net/index/content&id=JSA10625 Multiple vulnerabilities in Drupal third-party-modules

https://drupal.org/node/2267539 https://drupal.org/node/2267485 https://drupal.org/node/2267381 https://drupal.org/node/2267481