Daily Summary - Friday 29-08-2014

End-of-Shift report

Timeframe: Thursday 28-08-2014 18:00 − Friday 29-08-2014 18:00 Handler: Robert Waldner Co-Handler: Alexander Riepl

Heartbleed is the gift that keeps on giving as servers remain unpatched

An average of 7,000 attacks continue to seek out servers vulnerable to the bug.

http://arstechnica.com/security/2014/08/heartbleed-is-the-gift-that-keeps-on-giving-as-servers-remain-unpatched/


PCI Council urges retailers to defend against Backoff POS attacks

The warning comes soon after the Secret Service and DHS issued a warning on the threat.

http://www.scmagazine.com/pci-council-urges-retailers-to-defend-against-backoff-pos-attacks/article/368640/


Multiple vulnerabilities in Cisco products

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3350
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3352
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3349


Django REMOTE_USER header security bypass

http://xforce.iss.net/xforce/xfdb/95569


IBM Security Bulletin: Current Release of IBM SDK for Node.js is affected by CVE-2014-5256

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_current_release_of_ibm_sdk_for_node_js_is_affected_by_cve_2014_5256?lang=en_us


Scanbox: A Reconnaissance Framework Used with Watering Hole Attacks

A few days ago we detected a watering hole campaign in a website owned by one big industrial company. The website is related to software used for simulation and system engineering in a wide range of industries, including automotive, aerospace, and manufacturing. The attackers were able to compromise the website and include code that loaded a malicious Javascript ..

http://www.alienvault.com/open-threat-exchange/blog/scanbox-a-reconnaissance-framework-used-on-watering-hole-attacks


Squid Range Header Processing Flaw Lets Remote Users Deny Service

http://www.securitytracker.com/id/1030779


F5 BIG-IP ConfigSync Access Control Flaw Lets Remote Users Read and Write Arbitrary Files

http://www.securitytracker.com/id/1030778


F5 Enterprise Manager ConfigSync Access Control Flaw Lets Remote Users Read and Write Arbitrary Files

http://www.securitytracker.com/id/1030777


Sinkholing the Backoff POS Trojan

There is currently a lot of buzz about the Backoff point-of-sale Trojan that is designed to steal credit card information from computers that have POS terminals attached.

https://securelist.com/blog/research/66305/sinkholing-the-backoff-pos-trojan/


Nearly 100k Bugzilla Users Affected by Data Disclosure

The email addresses and encrypted passwords of nearly 100,000 users of Mozilla's Bugzilla system were left on a publicly accessible server for several months earlier this year, the company said. The disclosure comes just a few weeks after Mozilla advised members of its Mozilla Developer ..

http://threatpost.com/nearly-100k-bugzilla-users-affected-by-data-disclosure/107973