End-of-Shift report
Timeframe: Monday 28-12-2015 18:00 − Tuesday 29-12-2015 18:00
Handler: L. Aaron Kaplan
Co-Handler: Stephan Richter
Security Updates Available for Adobe Flash Player (APSB16-01)
A security bulletin (APSB16-01) has been published regarding security updates for Adobe Flash Player. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system. Adobe is aware of a report that an...
https://blogs.adobe.com/psirt/?p=1305
Quick Tips to Protect Your New (and old) Apple Devices
Apple has projected yet another record holiday for sales, but this should come as no surprise to fellow "Macheads". I myself am a huge fan of Apple and have been for a quite...
http://www.webroot.com/blog/2015/12/28/18251/
2016 Reality: Lazy Authentication Still the Norm
My PayPal account was hacked on Christmas Eve. The perpetrator tried to further stir up trouble by sending my PayPal funds to a hacker gang that recruits for the terrorist group ISIS. Although the intruder failed to siphon any funds, the successful takeover of the account speaks volumes about why most organizations -- including many financial institutions -- remain woefully behind the times in authenticating their customers and staying ahead of identity thieves.
http://krebsonsecurity.com/2015/12/2016-reality-lazy-authentication-still-the-norm/
An Overview of the Upcoming libModSecurity
libModSecurity is a major rewrite of ModSecurity. It preserves the rich syntax and feature set of ModSecurity while delivering improved performance, stability, and a new experience in easy integration on different. libModSecurity - Motivations While ModSecurity version 2.9.0 is available...
http://trustwave.com/Resources/SpiderLabs-Blog/An-Overview-of-the-Upcoming-libModSecurity/
Researchers: pacemakers vulnerable to hacker attacks and software bugs
Researcher and patient Marie Moe spoke about the topic at the hacker congress 32C3
http://derstandard.at/2000028215506
Let's Encrypt: a free certificate every two seconds
The launch of the new certificate authority Let's Encrypt has apparently gone quite well. After only about a month in beta operation, the project is already the fifth-largest CA in the world. But there are still some tasks to tackle.
http://www.golem.de/news/let-s-encrypt-ein-kostenfreies-zertifikat-alle-zwei-sekunden-1512-118228-rss.html
32C3: Sparkasse's pushTAN app still vulnerable
A cat-and-mouse game has developed between security researchers from Erlangen and the Sparkassenverband over the online banking app "pushTAN". The latest version can still be attacked quite easily, experts say.
http://heise.de/-3056667
32C3: encryption of common RFID locking systems cracked
According to security experts, RFID transponder cards used for electronic access control can often be cloned "trivially easily".
http://heise.de/-3056646
ATM skimming in retreat
The billions invested by banks and retailers in more security are having an effect: data thieves are succeeding less and less often at ATMs in Germany. But the criminals are still finding holes in the system.
http://heise.de/-3056638
Microsoft Has Your Encryption Key If You Use Windows 10
An anonymous reader writes with this bit of news from the Intercept. If you log in to Windows 10 using your Microsoft account, your computer automatically uploads a copy of your recovery key to Microsoft's servers. From the article: "The fact that new Windows devices require users to back up their recovery key on Microsoft's servers is remarkably similar to a key escrow system, but with an important difference. Users can choose to delete recovery keys from their Microsoft accounts...
http://rss.slashdot.org/~r/Slashdot/slashdot/~3/YfNKeGMMq1o/microsoft-has-your-encryption-key-if-you-use-windows-10
Voice over LTE: attacks on mobile IP telephony presented
Talks that give people nightmares about mobile communication have a long tradition at the CCC. This time, two Korean students demonstrated attacks on Voice over LTE. In Germany this is supposedly not possible.
http://www.golem.de/news/voice-over-lte-mobile-ip-telefonie-kann-abgehoert-werden-1512-118236-rss.html
Fixing JavaScript's Broken Random Number Generator
szczys writes: It is surprising to learn how broken the JavaScript Random Number Generator has been for the past six years. The problem is compounded by the fact that Node.js uses the same broken Math.random() module. Learning about why this is broken is interesting, but perhaps even more interesting is how the bad code got there in the first place. It seems that a forum thread from way back in 1999 shared two versions of the code. If you read to the end of the thread you got the working
http://rss.slashdot.org/~r/Slashdot/slashdot/~3/GG87DY0k6I4/fixing-javascripts-broken-random-number-generator
DFN-CERT-2015-2002: Roundcubemail: two vulnerabilities allow, among other things, execution of arbitrary code
https://portal.cert.dfn.de/adv/DFN-CERT-2015-2002/
libtiff bmp file Heap Overflow
Topic: libtiff bmp file Heap Overflow. Risk: High. Product: libtiff. Affected Versions: <= 4.0.6. Vulnerability Type: Heap Overflow. Security Risk: High. Vendor U...
https://cxsecurity.com/issue/WLB-2015120304