Daily Summary - Tuesday 14-04-2015

End-of-Shift report

Timeframe: Monday 13-04-2015 18:00 − Tuesday 14-04-2015 18:00 Handler: Alexander Riepl Co-Handler: n/a

Cisco Web Security Appliance Python File Processing Privilege Escalation Vulnerability

http://tools.cisco.com/security/center/viewAlert.x?alertId=38306


Linux 4.0 released: Fixing security vulnerabilities during live operation

With Linux 4.0, security vulnerabilities can be fixed without rebooting the system. Deferred updating of file attributes is intended to improve Ext4 performance.

http://heise.de/-2600691


A Tale of Two Exploits

CVE-2015-0336 is a type confusion vulnerability in the AS2 NetConnection class. I reported this issue in January and soon wrote a proof-of-concept exploit for the bug. The issue was patched by Adobe in March and less than a ..

http://googleprojectzero.blogspot.com/2015/04/a-tale-of-two-exploits.html


Bioazih RAT: How clean-file metadata can help keep you safe

As mentioned in our previous blog post about the Microsoft Clean-File Metadata initiative, there are a number of benefits for our partners and customers who use our clean or released-file metadata, specifically during antimalware whitelisting efforts. Using the authoritative metadata manifest ..

http://blogs.technet.com/b/mmpc/archive/2015/04/13/bioazih-rat-how-clean-file-metadata-can-help-keep-you-safe.aspx


New Trojan for Linux attacks websites

April 13, 2015 Doctor Web security researchers have examined a new Trojan that can infect computers with Linux operating system. This malicious program possesses the ability to scan remote websites for vulnerabilities and to attack resources with the specified HTTP protocol addresses. Criminals can ..

http://news.drweb.com/show/?i=9386&lng=en&c=9


IT security: Medical technology can be hacked too

Overdose no longer ruled out: security researcher Billy Rios can manipulate an infusion pump used in hospitals via the intranet.

http://www.golem.de/news/it-sicherheit-auch-medizintechnik-laesst-sich-hacken-1504-113463.html


As Ransomware Attacks Evolve, More Potential Victims Are at Risk

In early December, as most people were dealing with the stress of looking for the perfect holiday gifts and planning out their upcoming celebrations, police officers in ..

http://threatpost.com/as-ransomware-attacks-evolve-more-potential-victims-are-at-risk/112103


Security software cuts Windows off from the IPv6 Internet

The security software Warsaw 1.5.1 for Windows blocks Internet servers that are reachable via both IPv6 and IPv4. Mainly affected are several million Brazilian Windows devices whose users do home banking.

http://heise.de/-2603192


TV5Monde - A (tentative) technical analysis

As it may appear surprising that a TV station can be forced to stop broadcasting after having its website defaced and social network accounts controlled by some hackers, I've tried to collect publicly available technical information and improve my understanding of this interesting issue. Below you ..

http://www.fixsing.com/tv5monde-a-tentative-technical-analysis/


Hardening IIS Security

Security is an essential part of a web application and should be taken into consideration from the first stage of the development process. A website couldn't ever be secure enough unless you would undertake necessary security ..

http://resources.infosecinstitute.com/hardening-iis-security/


Encryption: Mozilla also wants to make HTTPS the standard

A proposal from Mozilla provides that the Firefox browser will in future allow certain new features only over HTTPS connections. In the long term, the aim is for all websites to use HTTPS.

http://www.golem.de/news/verschluesselung-auch-mozilla-will-https-zum-standard-machen-1504-113489.html