Tageszusammenfassung - Freitag 13-11-2015

End-of-Shift report

Timeframe: Donnerstag 12-11-2015 18:00 − Freitag 13-11-2015 18:00 Handler: Robert Waldner Co-Handler: Stephan Richter

Using Facebook to log in - safe or not?

Open up your favorite web site and you can see what this is about right away. There are in many cases two options, an ordinary log-in and "Log in with Facebook". Have you been using the Facebook option? It is quite convenient, isn't it? I was talking to a journalist about privacy a while ago...

http://safeandsavvy.f-secure.com/2015/11/12/using-facebook-to-log-in-safe-or-not/

MIG Mozilla InvestiGator

Search through your infrastructure in real-time from the command line

https://jve.linuxwall.info/ressources/taf/LISA15/

ZipInputStream Armageddon

Again, again, again .. and again these bugs are turning up because of the general lack of validation occurring on the ZIP contents. In most cases this is probably due to the fact that developers are making assumptions that these ZIP files are not being tampered with, and therefore dont really consider the ramifications.

http://rotlogix.com/2015/11/12/zipinputstream-armageddon/

botfrei.de: Werbeblocker-Sanktionen "der falsche Weg"

Das "Anti-Botnet Beratungszentrums" botfrei.de und der Betreiber, der eco Verband der Internetwirtschaft, halten Online-Werbung für wichtig. Sanktionen gegen Werbeblocker würden aber wichtige Nutzerinteressen unberücksichtigt lassen.

http://heise.de/-2920022

One BadBarcode Spoils Whole Bunch

At PacSec 2015, researchers demonstrated attacks using poisoned barcodes scanned by numerous keyboard wedge barcode scanners to open a shell on a machine and virtually type control commands.

http://threatpost.com/one-badbarcode-spoils-whole-bunch/115362/

Google Reconnaissance, Sprinter-style, (Fri, Nov 13th)

When doing security assessments or penetration tests, theres a significant amount of findings that you can get from search engines. For instance, if a client has sensitive information or any number of common vulnerabilities, you can often find those with a Google or Bing search, without sending a single packet to the clients infrastructure. This concept is called google dorking, and was pioneered by Johnny Long back in the day (he has since moved on to other projects see...

https://isc.sans.edu/diary.html?storyid=20375&rss

Researchers Discover Two New Strains of POS Malware

Two new and different strains of point of sale malware have come to light, including one that's gone largely undetected for the past five years.

http://threatpost.com/researchers-discover-two-new-strains-of-pos-malware/115350/

Spring Social Core Vulnerability Disclosure

Today we would like to announce the discovery of a vulnerability in the Spring Social Core library. Spring Social provides Java bindings to popular service provider APIs like GitHub, Facebook, Twitter, etc., and is widely used by developers. All current versions (1.0.0.RELEASE to 1.1.2.RELEASE) of the library are affected by this vulnerability.

https://blog.srcclr.com/spring-social-core-vulnerability-disclosure/

Unitronics VisiLogic OPLC IDE Vulnerabilities

This advisory was originally posted to the US-CERT secure Portal library on November 3, 2015, and is being released to the NCCIC/ICS-CERT web site. This advisory provides mitigation details for vulnerabilities in Unitronics VisiLogic OPLC IDE.

https://ics-cert.us-cert.gov/advisories/ICSA-15-274-02

Security Advisory - App Validity Check Bypass Vulnerability in Huawei P7 Smartphone

http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-397472.htm

Security Notice - Statement on Black Hat Europe 2015 Revealing Security Vulnerability in Huawei P7 Smart Phone

http://www.huawei.com/en/security/psirt/security-bulletins/security-notices/hw-461981.htm

DFN-CERT-2015-1761: Jenkins: Mehrere Schwachstellen ermöglichen u.a. das Ausführen beliebigen Programmcodes

https://portal.cert.dfn.de/adv/DFN-CERT-2015-1761/