End-of-Shift report
Timeframe: Monday 20-04-2015 18:00 − Tuesday 21-04-2015 18:00
Handler: Stephan Richter
Co-Handler: n/a
JavaScript CPU cache snooper tells crooks EVERYTHING you do online
New research sends browser kingpins scurrying for fixes. Four Cornell University boffins reckon they can spy on keystrokes and mouse clicks in a web browser tab by snooping on the PC's processor caches.
http://go.theregister.com/feed/www.theregister.co.uk/2015/04/21/cache_creeps_can_spy_on_web_histories_for_80_of_net_users/
New fileless malware found in the wild
Since the discovery of the Poweliks fileless Trojan in August 2014, researchers have been expecting other similar malware to pop up. The wait is over: Phasebot malware, which also has fileless infecti...
http://feedproxy.google.com/~r/HelpNetSecurity/~3/fLPIj0uz1VY/malware_news.php
Cross-Site Scripting: Numerous WordPress Plugins Use Function Incorrectly
A poorly documented function of the WordPress API has been used incorrectly by numerous popular plugins. The bug leads to cross-site scripting vulnerabilities: among those affected are the Jetpack plugin, the Yoast plugins and the All-in-one SEO plugin.
http://www.golem.de/news/cross-site-scripting-zahlreiche-wordpress-plugins-verwenden-funktion-fehlerhaft-1504-113636-rss.html
2nd workshop on National Cyber Security Strategies: 13th May
ENISA and the Latvian Ministry of Defence are hosting the 2nd workshop on National Cyber Security Strategies in Riga on the 13th of May 2015, during the Presidency of the Council of the European Union.
http://www.enisa.europa.eu/media/news-items/2nd-workshop-on-national-cyber-security-strategies-13th-may
Faulty Network Library Makes iOS Apps Vulnerable
A bug in the AFNetwork library makes it possible to attack the encrypted connections of numerous apps that use it. An online database reveals which apps were or are affected.
http://heise.de/-2615960
WordPress 4.1.2 Security Release
WordPress 4.1.2 is now available. This is a critical security release for all previous versions and we strongly encourage you to update your sites immediately.
https://wordpress.org/news/2015/04/wordpress-4-1-2/
Security Advisory: glibc vulnerability CVE-2013-7424
(SOL16472)
https://support.f5.com:443/kb/en-us/solutions/public/16000/400/sol16472.html?ref=rss
VU#260780: NetNanny uses a shared private key and root CA
Original release date: 20 Apr 2015 | Last revised: 20 Apr 2015. Overview: NetNanny uses a shared private key and root Certificate Authority (CA), making systems broadly vulnerable to HTTPS spoofing. Description: NetNanny installs a Man-in-the-Middle (MITM) proxy as well as a new trusted root CA certificate. The certificate used by NetNanny is shared among all installations of NetNanny. Furthermore, the private key used
http://www.kb.cert.org/vuls/id/260780
Cisco Unified MeetingPlace Custom Prompts languageShortName Parameter Arbitrary Code Execution Vulnerability
http://tools.cisco.com/security/center/viewAlert.x?alertId=38455
Cisco Unified MeetingPlace Administrative Web Interface Reflected Cross-Site Scripting Vulnerability
http://tools.cisco.com/security/center/viewAlert.x?alertId=38459
HPSBMU03321 rev.1 - HP Data Protector, Remote Increase of Privilege, Denial of Service (DoS), Execution of Arbitrary Code
Potential security vulnerabilities have been identified with HP Data Protector. These vulnerabilities could be remotely exploited to allow an increase of privilege, create a Denial of Service (DoS), or execute arbitrary code.
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04636829
HPSBGN03305 rev.1 - HP Business Service Management (BSM) products running SSLv3, Remote Disclosure of Information
A potential security vulnerability has been identified with HP Business Service Management (BSM), SiteScope, Business Service Management (BSM) Integration Adaptor, Operations Manager for Windows, Unix and Linux, Reporter, Operation Agent Virtual Appliance, Performance Manager, Virtualization Performance Viewer, Operations Agent, BSM Connector and Service Health Reporter running SSLv3. The vulnerability could be exploited remotely to allow disclosure of information.
https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04626982