End-of-Shift report
Timeframe: Monday 26-05-2014 18:00 − Tuesday 27-05-2014 18:00
Handler: Christian Wojner
Co-Handler: Stephan Richter
Mac OS X: VirusTotal releases uploader
The virus-scanning service, which was acquired by Google, has released a tool that lets Mac users upload suspicious files and programs for analysis. VirusTotal hopes to gain deeper insight into OS X malware.
http://www.heise.de/security/meldung/Mac-OS-X-VirusTotal-veroeffentlicht-Uploader-2198089.html
Malicious Redirections to Porn Websites
The past week has brought about a large number of cases where compromised websites had hidden redirections to porn injected into their code. All the infections had a similar pattern where they only targeted mobile devices. They are highly conditional as well, making it challenging for webmasters to detect. Let's take a minute to explain...
http://feedproxy.google.com/~r/sucuri/blog/~3/aMQhA3--dfg/website-infections-malicious-redirect-to-porn-website-target-wordpress-and-joomla-users.html
Unsafe cookies leave WordPress accounts open to hijacking, 2-factor bypass
Accounts accessed from Wi-Fi hotspots and other unsecured networks are wide open.
http://feeds.arstechnica.com/~r/arstechnica/security/~3/yKbonlXYDrk/
You've got Mail! But someone else is reading it in Outlook for Android
Researchers say Redmond forgot to encrypt messages stored on Android SD cards. Researchers have plucked privacy holes in Microsoft's Outlook Android app that expose user data when user security setting screws were not tightened.
http://go.theregister.com/feed/www.theregister.co.uk/2014/05/27/prying_privacy_pundits_crypto_calamity_outlook_outcry/
Mt. Gox: Bitcoin prices allegedly manipulated by bots
New speculation about the insolvent Bitcoin exchange Mt. Gox: according to an analysis, bots are said to have driven up prices on the exchange and bought up at least around 570,000 bitcoins.
http://www.heise.de/newsticker/meldung/Mt-Gox-Bitcoin-Preise-angeblich-durch-Bots-manipuliert-2197907.html/from/rss09?wt_mc=rss.ho.beitrag.rdf
Remote management feature: online crooks hijack Macs and iPhones
With "Find My iPhone" and "Find My Mac", users can lock stolen hardware via their Apple ID. If the Apple ID falls into the wrong hands, however, extortionists can do the same. In Australia, such "hijackings" are reportedly occurring more often at the moment.
http://www.heise.de/newsticker/meldung/Fernwartungsfunktion-Onlineganoven-entfuehren-Macs-und-iPhones-2198274.html/from/rss09?wt_mc=rss.ho.beitrag.rdf
cPanel cgiemail Character Injection Flaw Lets Remote Users Send SPAM via the System
A remote user can inject newline characters via certain parameters to modify email fields and send SPAM to arbitrary destination addresses via cgiemail.
http://www.securitytracker.com/id/1030287
Avast forum falls victim to hacker attack
Unknown attackers managed to copy the usernames, e-mail addresses and encrypted passwords of 350,000 users. The antivirus vendor's CEO considers it possible that the hackers could obtain the plaintext passwords.
http://www.heise.de/security/meldung/Avast-Forum-faellt-Hackerangriff-zum-Opfer-2198377.html
Multiple Vulnerabilities in TYPO3 CMS
It has been discovered that TYPO3 CMS is vulnerable to Cross-Site Scripting, Insecure Unserialize, Improper Session Invalidation, Authentication Bypass, Information Disclosure and Host Spoofing.
http://typo3.org/news/article/multiple-vulnerabilities-in-typo3-cms-1/
Amazon's AWS offers block-level encryption
Users of Amazon's cloud offerings can encrypt the data stored on their virtual drives.
http://www.heise.de/security/meldung/Amazons-AWS-bietet-Verschluesselung-auf-Blockebene-2198284.html
Top 10 Windows Server Security Misconfigurations
Introduction: According to Wikipedia, 32.6% of servers on the Internet are running Microsoft Windows. The purpose of this article is to create awareness among system administrators and managers about some of the areas on which it is important to focus when implementing a new Windows build or when hardening the security of an existing server. The Survey: One of the activities of the @NCCGroupInfosec team is to perform build reviews on clients' systems, looking for any misconfigurations that...
https://www.nccgroup.com/en/blog/2014/05/top-10-windows-server-security-misconfigurations/
Zeus-Carberp Hybrid Trojan Pops Up
Researchers have discovered a new hybrid Trojan that combines elements of two of the more notorious crimeware strains of the last few years: Zeus and Carberp. It's not uncommon for malware writers to steal bits and pieces of code from one another, but both Zeus and Carberp were once exclusively private tools, but the source...
http://threatpost.com/zeus-carberp-hybrid-trojan-pops-up/106283