End-of-Shift report
Timeframe: Friday 25-07-2014 18:00 − Monday 28-07-2014 18:00
Handler: Alexander Riepl
Co-Handler: n/a
Cisco WebEx Meetings Server Authenticated Encryption Vulnerability
A vulnerability in the user.php script of Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to view sensitive information.
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3302
Cacti cross-site scripting
Cacti is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using the Full Name field to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting ..
http://xforce.iss.net/xforce/xfdb/94862
Cisco WebEx Meetings Server OutlookAction Class Vulnerability
A vulnerability in the OutlookAction Class of Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to enumerate valid user accounts. The vulnerability is due to ..
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3304
Cisco WebEx Meetings Server Web Framework Vulnerability
A vulnerability in the web framework of Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to view sensitive information. The vulnerability occurs because sensitive information is passed in a query string. An attacker could ..
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3303
Service Drains Competitors' Online Ad Budget
The longer one lurks in the Internet underground, the more difficult it becomes to ignore the harsh reality that for nearly every legitimate online business there is a cybercrime-oriented anti-business. Case in point: Today's post looks at a popular service that helps crooked online marketers exhaust the Google AdWords budgets of their competitors.
http://krebsonsecurity.com/2014/07/service-drains-competitors-online-ad-budget/
Daimler: In-house hacker group to counter security vulnerabilities
The car manufacturer Daimler employs a permanent group of data specialists whose job is to attack the company's own network. The aim is to detect security vulnerabilities faster.
http://www.golem.de/news/daimler-mit-eigener-hacker-gruppe-gegen-sicherheitsluecken-1407-108137-rss.html
Ubiquiti UbiFi Controller 2.4.5 Password Hash Disclosure
If remote logging is enabled on the UniFi controller, syslog messages are sent to a syslog server. Contained within the syslog messages is the admin password that is used by both the UniFi controller, and all managed Access Points. This CVE was ..
http://cxsecurity.com/issue/WLB-2014070146
Tails: Zero-day in the Invisible Internet Project
The Linux distribution Tails contains a security vulnerability that can be used to reveal user identities. The flaw is not in Tor but in the Invisible Internet Project network.
http://www.golem.de/news/tails-zero-day-im-invisible-internet-project-1407-108148-rss.html
DANE disruptive: Authenticated OpenPGP keys in the DNS
Pretty Good Privacy is to use the DNS for key propagation. Next on the list of the developers at the Internet Engineering Task Force (IETF) is permitting users' own key material.
http://www.heise.de/security/meldung/DANE-disruptiv-Authentifizierte-OpenPGP-Schluessel-im-DNS-2268917.html
Behind the Android.OS.Koler distribution network
Android.OS.Koler.a is a ransomware program that blocks the screen of an infected device and requests a ransom in order to unlock the device. An entire network of malicious porn sites linked to a traffic direction system that redirects the victim to different payloads targeting not only mobile devices but any other visitor.
https://securelist.com/blog/research/65189/behind-the-android-os-koler-distribution-network/
Dissecting the CVE-2013-2460 Java Exploit
In this vulnerability, code is able to get the references of some restricted classes which are cleverly used for privilege escalation and bypassing the JVM sandbox. The vulnerable 'invoke' method of the 'sun.tracing.ProviderSkeleton' class is used to ..
http://research.zscaler.com/2014/07/dissecting-cve-2013-2460-java-exploit.html
Anatomy of an iTunes phish - tips to avoid getting caught out
Even if you'd back yourself to spot a phish every time, here's a step-by-step account that might help to save your friends and family in the future...
http://nakedsecurity.sophos.com/2014/07/28/anatomy-of-an-itunes-phish-tips-to-avoid-getting-caught-out/
ICS 3C - ICS Cybersecurity Council Conference
ICS 3C gathers experts and decision makers placing Cybersecurity at the heart of a Pan-European Dialogue on solutions for securing critical processes.
http://www.anapur.de/u_e_ICS_Cybersecurity_Conference_2014_HD.htm
Trojan: Warnings about fake Ikea e-mails
Several thousand detections already, e-mails are "deceptively genuine" ..
http://derstandard.at/2000003626539
Malware, Would You Install it for One Cent?
A research study report entitled It's All About The Benjamins: An empirical study on incentivizing users to ignore security ..
http://www.seculert.com/blog/2014/07/would-you-install-potential-malware-for-one-cent.html