Daily Summary - Wednesday 23-12-2015

End-of-Shift report

Timeframe: Tuesday 22-12-2015 18:00 − Wednesday 23-12-2015 18:00 Handler: Alexander Riepl Co-Handler: n/a

2015 Ransomware Wrap-Up

Here's a rundown of the innovative ransomware that frightened users and earned attackers big bucks this year.

http://www.darkreading.com/endpoint/2015-ransomware-wrap-up/d/d-id/1323424


3-in-1 Malware Infection through Spammed JavaScript Attachments

Recently we've observed a massive uptick of malicious spam with JavaScript attachments with an intention to spread and infect Windows systems with a variety of malicious executables. The spam usually contains a ZIP file attachment containing only one JavaScript file. The ..

https://www.trustwave.com/Resources/SpiderLabs-Blog/3-in-1-Malware-Infection-through-Spammed-JavaScript-Attachments/


IT bloke: Crooks stole my bikes after cycling app blabbed my address

Brit suffers from GPS accuracy
An IT manager in Manchester, England, says thieves stole his bikes after a smartphone cycling app pinpointed the location of his garage ..

www.theregister.co.uk/2015/12/22/it_manager_loses_bikes_after_cycling_app_pinpoints_home/


Xen Project blunder blows own embargo with premature bug report

Malicious guest could eat your virtual rigs from the inside
The Xen Project has reported a new bug, XSA-169, that means 'A malicious guest could cause repeated logging to the hypervisor console, leading to a Denial of Service attack.' ..

www.theregister.co.uk/2015/12/23/xen_blunder_blows_own_embargo_with_premature_bug_report/


Expect Phishers to Up Their Game in 2016

Expect phishers and other password thieves to up their game in 2016: Both Google and Yahoo! are taking steps to kill off the password as we know it. New authentication methods now offered by Yahoo! and to a beta group of Google users let customers log in just by supplying their email address, and then responding to a notification sent to their mobile device.

http://krebsonsecurity.com/2015/12/expect-phishers-to-up-their-game-in-2016


Why it's harder to forge a SHA-1 certificate than it is to find a SHA-1 collision

It's well known that SHA-1 is no longer considered a secure cryptographic hash function. Researchers now believe that finding a hash collision (two values that result in the same value when SHA-1 is applied) is inevitable and likely to happen in a matter of months. This poses a potential threat to trust on the web, as many websites use certificates that are digitally signed with algorithms that rely on SHA-1. Luckily for everyone, finding a hash collision is not enough to forge a digital

https://blog.cloudflare.com/why-its-harder-to-forge-a-sha-1-certificate-than-it-is-to-find-a-sha-1-collision/


Cyberattacks on Turkish Internet servers

Unclear background - is Russia behind it? Or Anonymous?

http://derstandard.at/2000028013290


Hacker: Film stars with problems online

Brand-new feature films such as Quentin Tarantino's latest Western have surfaced on the Internet. A number of other stars have quite different problems: a hacker obtained sex videos and personal data belonging to them, but he has now been arrested.

http://www.golem.de/news/hacker-filmstars-mit-problemen-im-netz-1512-118179.html


How a security director used a rootkit to rig the lottery and steal millions of dollars

Not too long ago, Eddie Tipton was convicted of hacking into the Multi-State Lottery Association's computer system in order to rig a nearly $17 million jackpot in Iowa. Now comes word that an investigation into Tipton's hacking activities is expanding to include a number of other states. Thus far, lottery officials from Colorado, Wisconsin and Oklahoma have indicated that Tipton may have also gamed lottery jackpots in their respective states.

https://bgr.com/2015/12/23/lottery-hacker-rootkit-stolen-numbers-investigation/


Siemens RUGGEDCOM ROX-based Devices NTP Vulnerabilities

This advisory contains mitigation details for NTP daemon vulnerabilities in the Siemens RUGGEDCOM ROX-based devices.

https://ics-cert.us-cert.gov/advisories/ICSA-15-356-01

Due to the Christmas holidays, the next End-of-Shift report will not be published until 28.12.2015.