End-of-Shift report
Timeframe: Freitag 16-05-2014 18:00 − Montag 19-05-2014 18:00
Handler: Robert Waldner
Co-Handler: n/a
January-April 2014
The 'NCCIC/ICS-CERT Monitor' newsletter offers a means of promoting preparedness, information sharing, and collaboration with the 16 critical infrastructure sectors. ICS-CERT accomplishes this on a day-to-day basis through sector briefings, meetings, conferences, and information product releases.
This publication highlights recent activities and information products affecting industrial control systems (ICSs), and provides a look ahead at upcoming ICS-related events.
http://ics-cert.us-cert.gov//monitors/ICS-MM201404
IBM Security Bulletin: Fixes available for vulnerability in Apache Commons FileUpload contained in IBM WebSphere Portal (CVE-2014-0050)
Fixes available for a denial of service vulnerability in the open source library Apache Commons FileUpload which affects IBM WebSphere Portal.
CVE(s): CVE-2014-0050
Affected product(s) and affected version(s):
WebSphere Portal 8
WebSphere Portal 7
WebSphere Portal 6.1.x
https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_fixes_available_for_vulnerability_in_apache_commons_fileupload_contained_in_ibm_websphere_portal_cve_2014_0050?lang=en_us
IBM Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with Rational ClearCase
IBM WebSphere Application Server is shipped as a component of IBM Rational ClearCase. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin.
CVE(s): CVE-2014-0964
Affected product(s) and affected version(s):
IBM Rational ClearCase, CM Server component, release 7.1.x (7.1.0.x, 7.1.1.x, and 7.1.2.x).
https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_a_security_vulnerability_has_been_identified_in_websphere_application_server_shipped_with_rational_clearcase?lang=en_us
Mozilla gründet "Winter of Security"
Studenten können bei Mozillas Programm für ihr Studium ein Projekt durchführen, das eine Bedeutung auch außerhalb der Universität hat. Begleitet wird die Arbeit von einem Entwickler.
http://www.heise.de/security/meldung/Mozilla-gruendet-Winter-of-Security-2192438.html
Malvertising Up By Over 200%
An anonymous reader writes "Online Trust Alliance (OTA) Executive Director and President Craig Spiezle testified before the U.S. Senates Homeland Security and Governmental Affairs Permanent Subcommittee on Investigations, outlining the risks of malicious advertising, and possible solutions to stem the rising tide. According to OTA research, malvertising increased by over 200% in 2013 to over 209,000 incidents, generating over 12.4 billion malicious ad impressions.
http://rss.slashdot.org/~r/Slashdot/slashdot/~3/ZUq6VAva50Y/story01.htm
DDoS Trojans attack Linux
May 15, 2014 The fallacy that Linux is fully protected against malware thanks to the specific features of its architecture makes life much easier for intruders distributing such software. In May 2014, Doctor Webs security analysts identified and examined a record-high number of Trojans for Linux, a large portion of which is designed to (distributed denial of service) attacks. These programs share common features: first, they carry out DDoS attacks via various protocols, and second, they appear ..
http://news.drweb.com/show/?i=5760&lng=en&c=9
Security: Datenbank informiert über Identitätsklau
Eine Datenbank gibt Informationen darüber, ob Passwörter oder Kontodaten eines Nutzers auf einschlägigen Foren zu finden sind. Die vom Hasso-Plattner-Institut bereitgestellten Informationen unterscheiden sich von denen des BSI.
http://www.golem.de/news/security-datenbank-informiert-ueber-identitaetsklau-1405-106565-rss.html
Cisco ASA Crafter RADIUS Packets Denial of Service Vulnerability
A vulnerability in the implementation of the Remote Authentication Dial-in User Services (RADIUS) code of Cisco ASA Software could allow an authenticated, remote attacker to cause an affected system to reload.
The vulnerability is due to insufficient validation of RADIUS packets including crafted attributes. An attacker could exploit this vulnerability by sending crafted RADIUS packets to the affected system. The attacker must know the RADIUS shared secret and inject the crafted packet while a RADIUS exchange is in progress.
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3264
Mid-2014 Tech Security Rundown: 5 Current Exploits Worth Knowing About
Here are just a few of the security threats that have risen to prominence in recent months.
...
Rotbrow
Mobile Side Channel Leakage
IoT Hardware & Software
Ad Network Intrusion
Out of Harm's Way
Besides these exploits, web users must contend with on-going threats like SQL injection and cross-site scripting.
http://hackersnewsbulletin.com/2014/05/mid-2014-tech-security-rundown-5-current-exploits-worth-knowing-2.html
Online-Banking: Verstärkte Angriffe auf das mTAN-Verfahren
Experten warnen vor verstärkten Infektionen mit dem Android-Trojaner FakeToken. Die Software kopiert empfangene SMS, die TANs enthalten. Ganoven können dann das Konto des Opfers leer räumen.
http://www.heise.de/security/meldung/Online-Banking-Verstaerkte-Angriffe-auf-das-mTAN-Verfahren-2193090.html
Kryptographie: Schnellerer Algorithmus für das diskrete Logarithmusproblem
Auf der Eurocrypt-Konferenz ist ein schnellerer Algorithmus für eine spezielle Variante des diskreten Logarithmusproblems vorgestellt worden. Dieses Problem ist die Grundlage zahlreicher kryptographischer Verfahren, doch eine direkte Bedrohung für real eingesetzte Algorithmen gibt es zur Zeit nicht.
http://www.golem.de/news/kryptographie-schnellerer-algorithmus-fuer-das-diskrete-logarithmusproblem-1405-106547.html