End-of-Shift report
Timeframe: Thursday 03-07-2014 18:00 − Friday 04-07-2014 18:00
Handler: Alexander Riepl
Co-Handler: n/a
Cisco Intelligent Automation for Cloud Form Data Viewer information disclosure
http://xforce.iss.net/xforce/xfdb/94177
VU#143740: Netgear GS108PE Prosafe Plus Switch contains hard-coded login credentials
Netgear GS108PE Prosafe Plus Switch contains hard-coded login credentials that can be used for authenticating to the web server running on the device. The username is ..
http://www.kb.cert.org/vuls/id/143740
MS14-JUL - Microsoft Security Bulletin Advance Notification for July 2014 - Version: 1.0
https://technet.microsoft.com/en-us/library/security/MS14-JUL
Phishing: iPhone 6 and iWatch as bait
Attackers are currently exploiting the attention surrounding future Apple products to lure users to a fake Apple website. The layout of the e-mail resembles official Apple communications.
http://www.heise.de/security/meldung/Phishing-iPhone-6-und-iWatch-als-Lockmittel-2249257.html
Security Bulletin: IBM BladeCenter Advanced Management Module (AMM), Integrated Management Module (IMM), and Integrated Management Module 2 (IMM2) Potential IPMI credentials Exposure (CVE-2014-0860)
The administrative IPMI credentials for authenticating communications between the IBM BladeCenter Advanced Management Module (AMM), Integrated Management Module (IMM), and Integrated Management Module 2 (IMM2) are stored in plaintext within the AMM firmware binaries.
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_bladecenter_advanced_management_module_amm_integrated_management_module_imm_and_integrated_management_module_2_imm2_potential_ipmi_credentials_exposure_cve_2014_0860?lang=en_
Dailymotion Compromised to Send Users to Exploit Kit
Attackers made the popular video site redirect users to the Sweet Orange Exploit Kit. On June 28, the popular video sharing website Dailymotion was compromised to redirect users to the Sweet Orange Exploit Kit. This exploit kit takes advantage of vulnerabilities in Java, Internet Explorer, and Flash Player. If the ..
http://www.symantec.com/connect/blogs/dailymotion-compromised-send-users-exploit-kit
HP Universal Configuration Management Database Flaws Let Remote Users Obtain Information and Execute Arbitrary Code
http://www.securitytracker.com/id/1030518
"Phishing is going from a rare occurrence to daily business"
While more and more phishing websites are appearing, the tactics used are becoming increasingly sophisticated. Victims are increasingly addressed personally.
http://futurezone.at/digital-life/phishing-wird-vom-seltenen-anlass-zum-tagesgeschaeft/73.217.168
Miniduke is back: Nemesis Gemina and the Botgen Studio
In the wake of our publications from 2013, the Miniduke campaigns have stopped or at least decreased in intensity. However, in the beginning of 2014 they resumed attacks in full force, once again grabbing our attention. We believe it's time to uncover more information on their operations.
https://www.securelist.com/en/blog/208214341/Miniduke_is_back_Nemesis_Gemina_and_the_Botgen_Studio
phpinfo() Type Confusion Infoleak Vulnerability and SSL Private Keys
In this post we will detail the phpinfo() type confusion vulnerability that we disclosed to PHP.net and show how it allows a PHP script to steal the private SSL key. We demonstrate this on an Ubuntu 12.04 LTS 32 bit default installation of PHP and mod_ssl. Unfortunately this kind of problem is not considered a security problem by PHP.net and therefore this security vulnerability does not have a CVE name assigned to it, yet.
https://www.sektioneins.de/en/blog/14-07-04-phpinfo-infoleak.html