Daily summary - Wednesday 21-10-2015

End-of-Shift report

Timeframe: Tuesday 20-10-2015 18:00 − Wednesday 21-10-2015 18:00
Handler: Alexander Riepl
Co-Handler: n/a

VMSA-2015-0003.13

http://www.vmware.com/security/advisories/VMSA-2015-0003.html


APPLE-SA-2015-10-20-1 OS X: Flash Player plug-in blocked

Due to security issues in older versions, Apple has updated the web plug-in blocking mechanism to disable all versions prior to Flash Player 19.0.0.226 and 18.0.0.255.

http://prod.lists.apple.com/archives/security-announce/2015/Oct/msg00001.html


VMSA-2015-0007.2

http://www.vmware.com/security/advisories/VMSA-2015-0007.html


Oracle Linux Bulletin - October 2015

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html


New Headaches: How The Pawn Storm Zero-Day Evaded Java's Click-to-Play Protection

Several months ago, we disclosed that Pawn Storm was using a then-undiscovered zero-day Java vulnerability to carry out its attacks. At the time, we noted that a separate vulnerability was used to bypass the click-to-play protection that is in use by Java. This second vulnerability has now been ..

http://blog.trendmicro.com/trendlabs-security-intelligence/new-headaches-how-the-pawn-storm-zero-day-evaded-javas-click-to-play-protection/


Multiple vulnerabilities in SAP products

http://www.zerodayinitiative.com/advisories/ZDI-15-532/
http://www.zerodayinitiative.com/advisories/ZDI-15-531/
http://www.zerodayinitiative.com/advisories/ZDI-15-530/
http://www.zerodayinitiative.com/advisories/ZDI-15-529/
http://www.zerodayinitiative.com/advisories/ZDI-15-528/
http://www.zerodayinitiative.com/advisories/ZDI-15-527/
http://www.zerodayinitiative.com/advisories/ZDI-15-526/


G DATA Malware Report - January - June 2015

The G Data SecurityLabs published the Malware Report for the first half of 2015. Here are the most important findings.

https://blog.gdatasoftware.com/blog/article/g-data-malware-report-january-june-2015.html


EMET: To be, or not to be, A Server-Based Protection Mechanism

Hi Folks - Platforms PFE Dan Cuomo here to discuss a common question seen in the field: 'My customer is deploying EMET and would like to know if it is supported on Server Operating Systems.' On the surface there is a simple answer to this question, ..

http://blogs.technet.com/b/srd/archive/2015/10/20/emet-to-be-or-not-to-be-a-server-based-protection-mechanism.aspx


Hack.lu 2015 Wrap-Up Day #1

Today started the 11th edition of hack.lu in Luxembourg. Being one of my preferred events, I drove to Luxembourg this morning in the direction of the Alvisse Parc hotel! The first day started with a security breakfast and a round ..

https://blog.rootshell.be/2015/10/20/hack-lu-2015-wrap-up-day-1/


Flash, Java Patches Fix Critical Holes

Adobe has issued a patch to fix a zero-day vulnerability in its Flash Player software. Separately, Oracle today released an update to plug more than two-dozen flaws in its Java software. Both programs plug directly into the browser and are ..

http://krebsonsecurity.com/2015/10/flash-java-patches-fix-critical-holes/


Online banking: new attacks on mTAN

Fraudsters have once again found a method to skim customer data during online banking and to defeat the mTAN system.

http://heise.de/-2851624


Microsoft launches bug bounty programme for .NET Core and ASP.NET

Until 20 January 2016, developers can report security vulnerabilities in the betas of CoreCLR and ASP.NET 5 as part of the programme. Good proposed fixes are worth up to 15,000 US dollars to Microsoft.

http://heise.de/-2851587


Gwolle Guestbook <= 1.5.3 - Remote File Inclusion (RFI)

https://wpvulndb.com/vulnerabilities/8218


High-Tech Bridge launches free PCI and NIST compliant SSL test

High-Tech Bridge is pleased to announce availability of its new online service to test SSL/TLS server security and configuration for compliance with NIST and PCI DSS.

https://www.htbridge.com/news/high-tech-bridge-launches-free-pci-and-nist-compliant-ssl-test.html


Metadata leak: 1Password changes its file format

Under certain circumstances, users of the "1Password Anywhere" sync feature left a list of the websites they use exposed on the web. A new file format for the password vault is meant to remedy this.

http://heise.de/-2851618


IniNet Solutions embeddedWebServer Cleartext Storage Vulnerability

This advisory provides mitigation details for a cleartext storage of sensitive information vulnerability in the IniNet Solutions GmbH embeddedWebServer.

https://ics-cert.us-cert.gov/advisories/ICSA-15-293-01


IniNet Solutions SCADA Web Server Vulnerabilities

This advisory provides mitigation details for three vulnerabilities in the IniNet Solutions GmbH SCADA Web Server.

https://ics-cert.us-cert.gov/advisories/ICSA-15-293-02


3S CODESYS Gateway Null Pointer Exception Vulnerability

This advisory provides mitigation details for a null pointer exception vulnerability in the 3S-Smart Software Solutions GmbH CODESYS Gateway Server.

https://ics-cert.us-cert.gov/advisories/ICSA-15-293-03


Attacks on Magento shops via already known vulnerabilities

The current attacks on thousands of Magento websites apparently exploit vulnerabilities for which patches already exist. Sites that do not use Magento at all are also being attacked.

http://heise.de/-2851842


Hacking Challenge: Staatsdruckerei seeks IT talent

The Österreichische Staatsdruckerei is holding a hacking challenge at the careers fair of the Hagenberg campus of FH OÖ with the aim of finding young IT talent.

http://futurezone.at/digital-life/hacking-challenge-staatsdruckerei-sucht-it-talente/159.762.396


Kampagnen Malvertising Campaign Goes After German Users

Malvertising targets German users via a carefully crafted attack designed to dupe ad networks...

https://blog.malwarebytes.org/malvertising-2/2015/10/kampagnen-malvertising-campaign-goes-after-german-users/


Trend Micro buys Tipping Point

With Tipping Point, the antivirus vendor also absorbs the Zero Day Initiative (ZDI) and the Digital Vaccine Labs. Tipping Point, previously part of HP, is also known, among other things, as a sponsor of the Pwn2Own events.

http://heise.de/-2851848