End-of-Shift report
Timeframe: Tuesday 31-03-2015 18:00 − Wednesday 01-04-2015 18:00
Handler: Alexander Riepl
Co-Handler: n/a
Multiple vulnerabilities in Cisco products
http://tools.cisco.com/security/center/viewAlert.x?alertId=38113
http://tools.cisco.com/security/center/viewAlert.x?alertId=38118
http://tools.cisco.com/security/center/viewAlert.x?alertId=38114
http://tools.cisco.com/security/center/viewAlert.x?alertId=38124
The Resurrection of CVE-2011-2461
Security researchers Luca Carettoni and Mauro Gentile recently found during their research that even though Adobe has fixed an old vulnerability found in 2011 (CVE-2011-2461), its side effects still linger around the Internet. Your favorite ..
http://blog.trendmicro.com/trendlabs-security-intelligence/the-resurrection-of-cve-2011-2461/
OWASP/WASC Distributed Web Honeypots Project Re-Launch - Seeking Participants
The SpiderLabs Research Team is proud to announce that we are officially re-launching the Distributed Web Honeypots Project under the new joint OWASP/WASC project home! For those SpiderLabs Blog readers who follow our ..
https://www.trustwave.com/Resources/SpiderLabs-Blog/OWASP/WASC-Distributed-Web-Honeypots-Project-Re-LaunchSeeking-Participants/
Intro to E-Commerce and PCI Compliance - Part I
Have you ever heard of the term Payment Card Industry (PCI)? Specifically, PCI compliance? If you have an e-commerce website, you probably have already heard about it. But do ..
http://blog.sucuri.net/2015/03/intro-to-e-commerce-and-pci-compliance-part-i.html
Inductive Automation Ignition Vulnerabilities
This advisory provides mitigation details for several vulnerabilities in Inductive Automation's Ignition Software.
https://ics-cert.us-cert.gov//advisories/ICSA-15-090-01
Ecava IntegraXor DLL Vulnerabilities
This advisory provides mitigation details for two DLL loading vulnerabilities in Ecava's IntegraXor SCADA Server.
https://ics-cert.us-cert.gov//advisories/ICSA-15-090-02
Hospira MedNet Vulnerabilities
This advisory provides mitigation details for four vulnerabilities in Hospira's MedNet server software.
https://ics-cert.us-cert.gov//advisories/ICSA-15-090-03
Schneider Electric InduSoft Web Studio and InTouch Machine Edition 2014 Vulnerabilities (Update A)
This updated advisory is a follow-up to the original advisory titled ICSA-15-085-01 Schneider Electric InduSoft Web Studio and InTouch Machine Edition 2014 Vulnerabilities, ..
https://ics-cert.us-cert.gov//advisories/ICSA-15-085-01A
Rig Exploit Kit Changes Traffic Patterns, (Wed, Apr 1st)
Sometime within the past month, Rig exploit kit (EK) changed URL structure. Notice the PHPSSESID and ?req= patterns in the above example. Now, we don't see the PHPSSESID and ?req= patterns. Let's take a closer look at the more ..
https://isc.sans.edu/diary.html?storyid=19533
Multiple Xen vulnerabilities
http://www.securitytracker.com/id/1031994
http://www.securitytracker.com/id/1031998
http://www.securitytracker.com/id/1031997
Crypto-Ransomware Sightings and Trends for 1Q 2015
It seems that cybercriminals have yet to tire of creating crypto-ransomware malware. Since the start of 2015, we have spotted several variants of crypto-ransomware plague the threat landscape. In January, the Australia-New Zealand region was beset by variants of TorrentLocker. But we soon ..
http://blog.trendmicro.com/trendlabs-security-intelligence/crypto-ransomware-sightings-and-trends-for-1q-2015/
Firefox 37 improves browser security
It is update time once again at Mozilla: Firefox 37 is a new version of the browser that promises security improvements above all.
http://derstandard.at/2000013734909
A timeline of mobile botnets
With the recent explosion in smartphone usage, malware authors have increasingly focused their attention on mobile devices, leading to a steep rise in mobile malware over the past couple of years. In this paper, Ruchna Nigam focuses on mobile botnets, drawing up an inventory of types of known mobile bot variants.
https://www.virusbtn.com/virusbulletin/archive/2015/03/vb201503-mobile-botnets
Google: Five percent of all users have adware on their computers
For more than a third of them, it is even more than four tools that inject advertising into web pages
http://derstandard.at/2000013745151
Smart door lock August was too hospitable
A flaw in networked door locks allowed their owners to visit one another unannounced.
http://heise.de/-2593822
JOSE - JSON Object Signing and Encryption
Federated Identity Management has become very widespread in past years - in addition to enterprise deployments a lot of popular web services allow users to carry their identity over multiple sites. Social networking ..
https://securityblog.redhat.com/2015/04/01/jose-json-object-signing-and-encryption/
DNS/AXFR: Name servers reveal secret URLs
The DNS protocol has a feature that can be used to query extensive information about a domain. This so-called AXFR transfer is normally ..
http://www.golem.de/news/dns-axfr-nameserver-verraten-geheim-urls-1504-113278.html