Daily Summary - Tuesday 20-10-2015

End-of-Shift report

Timeframe: Monday 19-10-2015 18:00 − Tuesday 20-10-2015 18:00 Handler: Alexander Riepl Co-Handler: n/a

Joomla! - Important Security Announcement - Patch Available Soon

A Joomla 3.4.5 release containing a security fix will be published on Thursday 22nd October at approximately 14:00 UTC. The Joomla Security Strike Team (JSST) has been informed of a critical security issue in the Joomla core. Since this is a *very important security fix*, please be prepared to update your Joomla installations next Thursday.

https://www.joomla.org/announcements/release-news/5633-important-security-announcement-pre-release.html


JSA10700 - 2015-10 Security Bulletin: Junos: J-Web in SRX5000-Series: A remote attacker can cause a denial of service to SRX5000-Series when J-Web is enabled causing the SRX to enter debug prompt. (CVE-2014-6451)

http://kb.juniper.net/index/content&id=JSA10700&actp=RSS


ZDI-15-525: Foxit Reader Forms Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

http://www.zerodayinitiative.com/advisories/ZDI-15-525/


ZDI-15-524: Foxit Reader Forms Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

http://www.zerodayinitiative.com/advisories/ZDI-15-524/


Let's Encrypt: Cross-Sign with IdenTrust Completed

Let's Encrypt has reached a new milestone: the cross-sign with IdenTrust is complete. The service is expected to be available to the general public from mid-November.

http://www.golem.de/news/let-s-encrypt-cross-sign-mit-identtrust-abgeschlossen-1510-116994.html


DSA-3375 wordpress - security update

Several vulnerabilities have been fixed in WordPress, the popular blogging engine.

https://www.debian.org/security/2015/dsa-3375


Android 6.0: Encryption Becomes Mandatory

Google is making a second attempt at securing Android smartphones and tablets: with Android 6.0, (almost) all new devices must be encrypted out of the box, as required by the latest version of the Android Compatibility Definition Document.

http://derstandard.at/2000024183416


Hacking ZigBee Networks

What is ZigBee? Internet of Things (IoT) is what most experts consider as the next step of the Internet revolution where physical objects are invariably linked to the real and virtual world at the same time. Connected devices now ..

http://resources.infosecinstitute.com/hacking-zigbee-networks/


OpenSSH: First Code of SSH for Windows Freely Available

Microsoft is now also making the portable version of the current OpenSSH 7.1 available for Windows. Interested parties will also be able to contribute to the project in future. Production use is expected to be possible within the first half of 2016.

http://www.golem.de/news/openssh-erster-code-von-ssh-fuer-windows-frei-verfuegbar-1510-117004.html


How a criminal ring defeated the secure chip-and-PIN credit cards

Over $680,000 stolen via a clever man-in-the-middle attack.

http://arstechnica.com/tech-policy/2015/10/how-a-criminal-ring-defeated-the-secure-chip-and-pin-credit-cards/


.:: Attacking Ruby on Rails Applications ::.

This little article aims to give an introduction to the topic of attacking Ruby on Rails applications. It's neither complete nor dropping 0day. It's rather the author's attempt to accumulate the interesting attack paths and techniques in one write-up. As yours truly spends most of his work on Ruby ..

http://phrack.org/papers/attacking_ruby_on_rails.html


Corrupt Silk Road Investigator Sentenced to More Than Six Years in Prison

A US agent used his undercover investigation into the drug marketplace Silk Road for his own criminal schemes. He must now go to prison for, among other things, extortion and money laundering.

http://heise.de/-2851334


Tech Support Scammers Impersonate Apple Technicians

By setting up a phishing site for Apple's remote sharing service, this tech support scam looks quite genuine.

https://blog.malwarebytes.org/fraud-scam/2015/10/tech-support-scammers-impersonate-apple-technicians/


There's no place like ::1 - Malware for the masses

Analyzing malware samples provided by customers usually leads to interesting results. Recently, an HP customer downloaded something via Microsoft Internet Explorer and provided the sample analyzed in this blog. In some cases, analysis of these types of samples provides insight into previously unknown ..

http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/There-s-no-place-like-1-Malware-for-the-masses/ba-p/6803498


The BSI Takes On Router Security

The BSI has presented a test concept intended to make the security of consumer routers comparable. The 'essential security component for protecting the internal network' is finally to become secure.

http://heise.de/-2851354