Tageszusammenfassung - Freitag 6-02-2015

End-of-Shift report

Timeframe: Donnerstag 05-02-2015 18:00 − Freitag 06-02-2015 18:00 Handler: Alexander Riepl Co-Handler: n/a

Filmkan: Mysterious Turkish Botnet Grows Through Facebook

On January 31, a security researcher named Mohammad Faghani posted an analysis of malware that was being distributed through Facebook posts. Based on the number of ..

http://researchcenter.paloaltonetworks.com/2015/02/filmkan-mysterious-turkish-botnet-grows-facebook

Microsoft: Firmen entdecken Cyberattacken erst nach 243 Tagen

Firmen brauchen nach Angaben von Microsoft durchschnittlich 243 Tage, um eine Cyberattacke auf ihr Netzwerk zu entdecken. "Sie haben 243 Tage lang ..

http://derstandard.at/2000011347067

Revetons design refreshed - Winter 2015

Those days Reveton is mainly pushed on adult traffic via "standalone" CVE-2015-0311 flash (posing as advert) calling an Xtea encoded stream. After not far from 2 years with the same design it's now showing some ..

http://malware.dontneedcoffee.com/2015/02/RevetonWinter2015.html

The Anthem Breach: What We Know Now

I learned about the breach directly from the CEO before all the hype and speculation hit. This is the level of caring and responsibility I personally expect as an Anthem customer. So now that the news is out there, let's talk about the technical aspects of the breach.

http://blog.beyondtrust.com/the-anthem-breach-what-we-know-now

GE and MACTek HART Device DTM Vulnerability

This advisory provides mitigation details for an improper input vulnerability in the HART Device Type Manager (DTM) library utilized in GE and MACTek's HART Device DTM.

https://ics-cert.us-cert.gov//advisories/ICSA-15-036-01

Pepperl+Fuchs Hart Device DTM Vulnerability

This advisory provides mitigation details for an improper input vulnerability in the CodeWrights GmbH HART Device DTM library utilized in Pepperl+Fuchs' HART Device DTM.

https://ics-cert.us-cert.gov//advisories/ICSA-15-036-02

CodeWrights GmbH HART Device DTM Vulnerability (Update C)

This updated advisory is a follow-up to the updated advisory titled ICSA-15-012-01B CodeWrights GmbH HART DTM Vulnerability that was published January 27, 2015, ..

https://ics-cert.us-cert.gov//advisories/ICSA-15-012-01C

Datenschutz: Wie sicher ist die IP-Telefonie?

Können Dritte ohne großen Aufwand IP-Telefonate mithören? Die Antwort ist wie so oft: Jein. Denn trotz mangelnder Verschlüsselung ist die IP-Telefonie nicht ganz so unsicher wie behauptet - zumindest ist es für Angreifer schwierig, Telefonate abzuhören.

http://www.golem.de/news/datenschutz-wie-sicher-ist-die-ip-telefonie-1502-112193.html

Preparing for the unknown - A peek into Cyber Europe

ENISA is supporting Member States to cope with major cybersecurity crises with its flagship Cyber Europe programme. Five years after the first ever European wide cyber exercise, Cyber Europe evolved into a unique multinational crisis simulation which immerses participants into the unknown.

http://www.enisa.europa.eu/media/news-items/preparing-for-the-unknown-a-peek-into-cyber-europe

7 Best WordPress Security Plugins

WordPress is the most popular blogging platform in the world. Millions of websites including various popular blogs are using WordPress as a content publishing platform. So, hackers are also more interested in hacking ..

http://resources.infosecinstitute.com/7-best-wordpress-security-plugins/

Neue Spuren im Sony-Hack führen nach Russland

Neue Indizien im Fall des Sony-Hacks sollen belegen, dass russische Hacker in den Vorfall involviert sind. Einem Bericht zufolge haben diese aktuell immer noch Zugriff auf das Netzwerk von Sony Pictures Entertainment.

http://heise.de/-2543005

Fessleak malvertising campaign used to serve ransomware

Invincea has been monitoring the Fessleak campaign in which hackers leveraged Adobe Flash Player exploits and file-less infections to serve ransomware.

http://securityaffairs.co/wordpress/33153/cyber-crime/fessleak-malvertising-campaign.html