Tageszusammenfassung - Freitag 5-09-2014

End-of-Shift report

Timeframe: Donnerstag 04-09-2014 18:00 − Freitag 05-09-2014 18:00 Handler: Robert Waldner Co-Handler: Alexander Riepl

5 things you should know about email unsubscribe links before you click

We all get emails we don't want and cleaning them up can be as easy as clicking unsubscribe at the bottom of the email. However, some of those handy little links can cause more trouble than they solve.

http://nakedsecurity.sophos.com/2014/09/04/5-things-you-should-know-about-email-unsubscribe-links-before-clicking/


Google acceleration of SHA-1 deprecation draws resistance

Google said Chrome 39, to be released within 12 weeks, will treat some sites as untrusted, accelerating the transition and user woes.

http://www.scmagazine.com/google-acceleration-of-sha-1-deprecation-draws-resistance/article/369804/


Fresh phish served with a helping of AES

Attempts to use encryption to make analysis of phishing websites more difficult may be a sign of things to come. Obfuscated phishing sites are nothing new. Various techniques such as JavaScript encryption tools (which offer very primitive obfuscation), data URIs (where the page content is mostly Base64-encoded), and ..

http://www.symantec.com/connect/blogs/fresh-phish-served-helping-aes


Researchers discover two SQL injection flaws in WordPress security plugin

High-Tech Bridge discovered two SQL injection vulnerabilities in All In One WordPress Security and Firewall plugin and notified the vendor.

http://www.scmagazine.com/researchers-discover-two-sql-injection-flaws-in-wordpress-security-plugin/


Malware Bypasses Chrome Extension Security Feature

Originally created to extend a browser's functionality, browser extensions have become yet another tool for cybercriminals' schemes. Earlier this year, Google has addressed the issue of malicious browser extensions by ..

http://blog.trendmicro.com/trendlabs-security-intelligence/malware-bypasses-chrome-extension-security-feature/


Red Hat Enterprise Virtualization Manager 3.4.2 update

It was discovered that, when loading XML/RSDL documents, the oVirt Engine back end module used an insecure DocumentBuilderFactory. A remote, authenticated attacker could use this flaw to read files accessible to the user running the ..

https://rhn.redhat.com/errata/RHSA-2014-1161.html


Microsoft Security Bulletin Advance Notification for September 2014

This is an advance notification of security bulletins that Microsoft is intending to release on September 9, 2014. ... The following table summarizes the security bulletins for this month in order of severity. Bulletin 1..

https://technet.microsoft.com/en-us/library/security/MS14-SEP


renotification Security Advisory for Adobe Reader and Acrobat (APSB14-20)

Adobe is planning to release security updates on Tuesday, September 9, 2014 for Adobe Reader and Acrobat for Windows and Macintosh ..

http://helpx.adobe.com/security/products/reader/apsb14-20.html


Apple verspricht mehr Sicherheit nach Hacker-Angriff

Apple-Nutzer sollen künftig über Versuche zur Passwortänderung informiert werden, um Datendiebstahl zu verhindern.

http://futurezone.at/digital-life/apple-verspricht-mehr-sicherheit-nach-hacker-angriff/83.899.266


Apache POI 3.10.1-20140818 security issues with OOXML

The Apache POI project is pleased to announce the release of POI 3.10.1-20140818. This release is a bugfix release to fix two...

http://cxsecurity.com/issue/WLB-2014090022


Security of Password Managers

At USENIX Security this year there were two papers studying the security of password managers: David Silver, Suman Jana, and Dan Boneh, "Password Managers: Attacks and Defenses." Zhiwei Li, Warren He, Devdatta Akhawe, and Dawn Song, "The Emperors New Password Manager: Security Analysis of Web-based Password Managers." Its interesting work, especially because it looks at security problems in something that ..

https://www.schneier.com/blog/archives/2014/09/security_of_pas.html


BankAPI - What is it?

BankAPI is a secure decentralized messaging system to send files/messages between banks and other types of financial institutions. There is a reference implementation of the protocol which can be used off-the-shelf, which is production grade quality and is not only for testing and demonstration, although it ..

https://github.com/trustly/bankapi/


Remote-Code-Execution-Lücke in F5 BigIP

Im Hochverfügbarkeits-Modus wiesen die Load-Balancer der Firma F5 ein Sicherheitsproblem auf, das Angreifern die volle Kontrolle über das System ermöglicht. Der Hersteller bessert nach.

http://www.heise.de/security/meldung/Remote-Code-Execution-Luecke-in-F5-BigIP-2356557.html