End-of-Shift report
Timeframe: Montag 30-11-2015 18:00 − Dienstag 01-12-2015 18:00
Handler: Robert Waldner
Co-Handler: Stephan Richter
3119884 - Inadvertently Disclosed Digital Certificates Could Allow Spoofing - Version: 1.0
Microsoft is aware of unconstrained digital certificates from Dell Inc. for which the private keys were inadvertently disclosed. [...] To help protect customers from potentially fraudulent use of these unconstrained digital certificates, the certificates have been deemed no longer valid by Dell Inc. and Microsoft is updating the Certificate Trust list (CTL) for all supported releases of Microsoft Windows to remove the trust of these certificates.
https://technet.microsoft.com/en-us/library/security/3119884
SHA1 Phase Out Overview, (Mon, Nov 30th)
SHA1 (Secure Hashing Algorithm 1) has been in use for about 20 years. More recently, some weaknesses have been identified in SHA1, and in general, faster computing hardware makes it more and more likely that collisions willbe found. As a result, SHA2 starts to replace SHA1and you should see this impacting your users next year. Various software will stop trusting SHA1 signatures, and users may receive warnings about invalid signatures or certificates as a result. First a very quick primer on...
https://isc.sans.edu/diary.html?storyid=20423&rss
Belkins N150 router is perfect for learning hacking skills - wait, what, its in production?
Practice your CSRF and DNS meddling exploits here Belkins home routers can be commandeered by hackers, thanks to a Telnet backdoor, a cross-site request forgery (CSRF) vulnerability and other bugs, were told.
http://go.theregister.com/feed/www.theregister.co.uk/2015/12/01/hole_in_belkin_home_router/
DDoS-Attacken gegen griechische Banken
Armada Collective weitet DDoS-Angriffe in Europa aus und erpresst nun Kreditinstitute in Griechenland.
http://www.heise.de/newsticker/meldung/DDoS-Attacken-gegen-griechische-Banken-3028007.html?wt_mc=rss.ho.beitrag.rdf
Guest Talk: "Alice in the Sky - On Security of Air Traffic Control Communication"
January 14, 2016 - 2:00 pm - 4:45 pm SBA Research Favoritenstraße 16 1040 Wien
https://www.sba-research.org/events/guest-talk-alice-in-the-sky-on-security-of-air-traffic-control-communication/
Conficker, back from the undead, dominates malware threat landscape
Look out, ransomware is coming up on the rails Conficker was the most common malware used to attack UK and international organisations in October, accounting for 20 per cent of all attacks globally, according to security vendor Check Point.
http://go.theregister.com/feed/www.theregister.co.uk/2015/12/01/conficker_dominates_threat_landscape_malware/
Nuclear Pack loads a fileless CVE-2014-4113 Exploit
http://malware.dontneedcoffee.com/2015/12/nuclear-pack-loading-fileless-cve-2014.html
Reverse Engineering Intel DRAM Addressing and Exploitation
We demonstrate the power of such attacks by implementing a high speed covert channel that achieves transmission rates of up to 1.5Mb/s, which is three orders of magnitude faster than current covert channels on main memory. Finally, we show how our results can be used to increase the efficiency of the Rowhammer attack significantly by reducing the search space by a factor of up to 16384.
http://arxiv.org/abs/1511.08756
Dell Foundation Service ermöglicht Tracking von Nutzern
Im Dell Foundation Service zur Wartung von Computern klafft eine Schwachstelle, über die Angreifer die Service-Tag-Nummer auslesen können. Eine gefixte Version steht zum Download bereit.
http://heise.de/-3028416
"Crash Course - PCI DSS 3.1 is here. Are you ready?" Part II
Thanks to all who attended our recent webinar, "Crash Course - PCI DSS 3.1 is here. Are you ready?". During the stream, there were a number of great questions asked by attendees that didn't get answered due to the limited time. This blog post is a means to answer many of those questions. Still have...
https://blog.whitehatsec.com/crash-course-pci-dss-3-1-is-here-are-you-ready-part-ii/
l+f: Das Telegram-Protokoll macht Stalking einfach
Hat man die Telefonnummer eines Telegram-Nutzers, kann man relativ einfach dessen Online-Status überwachen.
http://heise.de/-3028550
Can you trust SSL encryption of your email provider?
Have you ever though how secure and reliable is your SSL/TLS connection to your email servers? A brief research about encryption implementation of the most popular free email providers.
https://www.htbridge.com/blog/can-you-trust-ssl-encryption-of-your-email-provider.html
Xen Heap Overflow in PC-Net II Emulator Lets Local Users on a Guest System Gain Elevated Privileges on the Host System
http://www.securitytracker.com/id/1034268
Security Notice - Statement on Pierre Kim Revealing Security Vulnerabilities in Huawei WiMAX Routers
http://www.huawei.com/en/security/psirt/security-bulletins/security-notices/hw-464086.htm
Cisco ASR 1000 Series Root Shell License Bypass Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151130-asa
Cisco Cloud Services Router 1000V Command Injection Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151130-csr
Cisco Web Security Appliance Native FTP Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151130-wsa
Security Advisory 2015-03: Vulnerability discovered in OTRS FAQ package
December 01, 2015 - Please read carefully and check if the version of your OTRS system is affected by this vulnerability. Please send information regarding vulnerabilities in OTRS to:
security at otrs.org PGP Key pub 2048R/9C227C6B 2011-03-21 [expires at: 2016-03-02] uid OTRS Security Team GPG Fingerprint E330 4608 DA6E 34B7 1551 C244 7F9E 44E9 9C22...
https://www.otrs.com/security-advisory-2015-03-vulnerability-discovered-in-otrs-faq-package/