End-of-Shift report
Timeframe: Tuesday 05-05-2015 18:00 − Wednesday 06-05-2015 18:00
Handler: Alexander Riepl
Co-Handler: n/a
Root shell in the hospital: Hospira infusion pump with Telnet vulnerability
Computers that control the delivery of medication directly into patients' bloodstreams in hospitals should really be reasonably well secured. However, a "game-over vulnerability" has been discovered in infusion pumps that are widely used in US clinics.
http://heise.de/-2633529
Cisco Unity Connection CUCReports Page Cross-Site Request Forgery Vulnerability
A vulnerability in the CUCReports page of Cisco Unity Connection could allow an unauthenticated, remote attacker to perform a cross-site request forgery (CSRF) attack against the CUCReports web interface.
http://tools.cisco.com/security/center/viewAlert.x?alertId=38675
Cisco Unified Communications Manager SQL Injection Vulnerability
A vulnerability in Cisco Unified Communications Manager could allow an authenticated, remote attacker to perform SQL injection attacks.
http://tools.cisco.com/security/center/viewAlert.x?alertId=38674
Spearphishing: A New Weapon in Cyber Terrorism
Introduction: Spear phishing attacks. Spear phishing and its evolutions like the watering hole attack represent one of the most insidious attack techniques adopted by the majority of threat actors in cyber space. According to the experts ..
http://resources.infosecinstitute.com/spearphishing-a-new-weapon-in-cyber-terrorism/
Hospira LifeCare PCA Infusion System Vulnerabilities
This advisory provides compensating measures for an improper authorization vulnerability and an insufficient verification of data authenticity vulnerability in the Hospira LifeCare PCA Infusion System.
https://ics-cert.us-cert.gov/advisories/ICSA-15-125-01
Study: The smart city is intelligent, but vulnerable to attack
Smart cities could become the target of hacker attacks. Increasing interconnection multiplies the security vulnerabilities, a study shows.
http://www.golem.de/news/studie-die-smart-city-ist-intelligent-aber-angreifbar-1505-113764-rss.html
Tinba - Yet another anti-sandbox tricks
Malware authors certainly do not take a breather when it comes to inventing new tricks for detecting sandbox, a very useful system to automatically analyze millions of samples nowadays. Recently, Seculert unveiled an unprecedented sandbox detection method that was employed by the Dyre/Dyreza malware. We had seen similar anti-sandbox tricks used by the ..
https://www.f-secure.com/weblog/archives/00002810.html
Another massive security vulnerability in Lenovo computers
Flaws in the update system allowed hackers to pass off malware as Lenovo software
http://derstandard.at/2000015349945
IT threat evolution in Q1 2015
In the first quarter of 2015 Kaspersky Lab products detected a total of 2,2 bln malicious attacks and more than 93 mln unique malicious URLs. The story of the powerful Equation cyberespionage group was perhaps the most talked-about news story of Q1.
http://securelist.com/analysis/quarterly-malware-reports/69872/it-threat-evolution-in-q1-2015/
Nmap Cheat Sheet 5: The Final View of a Ninja Pentester
As we discussed in the last topic of our Nmap Series, this will be our final touch for the cheat sheet. Here we will try to cover most of the topic as required for Vulnerability Assessment and Penetration Testing. As a Ninja Pentester, ..
http://resources.infosecinstitute.com/nmap-cheat-sheet-5-the-final-view-of-a-ninja-pentester/
Explaining Security Lingo
This post is aimed to clarify certain terms often used in the security community. Let's start with the easiest one: vulnerability. A vulnerability is a flaw in a selected system ..
https://securityblog.redhat.com/2015/05/06/explaining-security-lingo/
Multiple Fortiguard products cross-site scripting vulnerabilities
The Web User Interface of FortiGate, FortiManager, FortiAnalyzer, FortiMail and FortiADC D models are vulnerable to reflected cross-site scripting vulnerabilities.
http://www.fortiguard.com/advisory/FG-IR-15-005/
JetPack and TwentyFifteen Vulnerable to DOM-based XSS - Millions of WordPress Websites Affected
Any WordPress Plugin or theme that leverages the genericons package is vulnerable to a DOM-based Cross-Site Scripting (XSS) vulnerability due to an insecure file included with ..
https://blog.sucuri.net/2015/05/jetpack-and-twentyfifteen-vulnerable-to-dom-based-xss-millions-of-wordpress-websites-affected-millions-of-wordpress-websites-affected.html
Google study: Millions of computers infected with adware
Almost 5.4 million Google visitors have adware installed on their computers. A large part of this is Google's own fault, as many of the ad injectors come from the Chrome Web Store.
http://heise.de/-2636130