End-of-Shift report
Timeframe: Friday 23-01-2015 18:00 − Monday 26-01-2015 18:00
Handler: Robert Waldner
Co-Handler: n/a
System Center Endpoint Protection support for Windows Server 2003
From July 14, 2015, Windows Server 2003 will cease to be a supported operating system.
http://blogs.technet.com/b/mmpc/archive/2015/01/23/system-center-endpoint-protection-support-for-windows-server-2003.aspx
Security hole in millions of Android devices: Google recommends Chrome or Firefox as a remedy
Google has faced sharp criticism since it became known that it no longer intends to fix security vulnerabilities in Android's old default browser. The remedy Google now recommends is not entirely satisfactory.
http://heise.de/-2528130
OS X 10.10.2: Apple patches "Thunderstrike" attack and Google's zero-day vulnerabilities
The latest Yosemite beta is said to fix several problematic bugs at once. When the final version will be released remains unclear. The discoverer of "Thunderstrike" criticized Apple.
http://www.heise.de/newsticker/meldung/OS-X-10-10-2-Apple-patcht-Thunderstrike-Angriff-und-Googles-Zeroday-Luecken-2528347.html/from/rss09?wt_mc=rss.ho.beitrag.rdf
Firewall update: IPFire 2.15 updated to Core Update 86
The update closes numerous security holes in various packages. The developers therefore strongly recommend installing the update immediately and then restarting the firewall.
http://heise.de/-2528391
Adobe causes confusion with incorrect version information for Flash
The makers of Flash have finally closed the critical hole in their software. Unfortunately, the official Flash website still gives the impression that the vulnerable version is the latest and therefore safe.
http://www.heise.de/newsticker/meldung/Adobe-stiftet-Verwirrung-mit-falschen-Versionsangaben-fuer-Flash-2528458.html/from/rss09?wt_mc=rss.ho.beitrag.rdf
Factsheet: Help! My website is vulnerable to SQL injection
SQL injection is a popular and frequently used attack on websites, which attackers use to steal large volumes of (client) information. Although there are other types of attacks for capturing this information, SQL injection appears to be a frequently used method. A website becomes vulnerable to SQL injection when attackers are able to influence the queries sent by a website to a database.
https://www.ncsc.nl/english/services/expertise-advice/knowledge-sharing/factsheets/factsheet-help-my-website-is-vulnerable-to-sql-injection.html
Demystifying Cross-Site Request Forgery
Continuously ranked in the OWASP Top Ten, a large majority of the development community still doesn't understand Cross-Site Request Forgery (CSRF). After years of penetration tests and code reviews, my experiences show that a high percentage of applications, especially new applications, do not have proper CSRF protections in place. This post provides a refresher on CSRF and provides a common defense for this issue.
http://software-security.sans.org/blog/2015/01/23/demystifying-cross-site-request-forgery
Analyzing CVE-2015-0311: Flash Zero Day Vulnerability
Last week a major zero-day vulnerability was found in Adobe Flash Player. Over the weekend, Adobe started releasing an update to fix the vulnerability: users who have enabled auto-update have already received the newest version (16.0.0.296). Our analysis has confirmed that the vulnerable code has been modified.
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/2RZECpZzdak/
Cisco 2900 Series Integrated Services Router Network-Based Application Recognition Denial of Service Vulnerability
A vulnerability in the Network-Based Application Recognition (NBAR) protocol process of the Cisco 2900 Series Integrated Services Router could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.
The vulnerability occurs when the NBAR process locks. An attacker could exploit this vulnerability by sending simple IP version 4 (IPv4) packets through the router. An exploit could allow the attacker to cause a DoS condition that would require a router restart.
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0586