Daily Summary - Tuesday 26-05-2015

End-of-Shift report

Timeframe: Friday 22-05-2015 18:00 − Tuesday 26-05-2015 18:00 Handler: Robert Waldner Co-Handler: Stephan Richter

Annual Privacy Forum 2015: Call for Papers and latest news

The Annual Privacy Forum (APF) meeting will be taking place on the 7th and 8th of October 2015 in Luxembourg, during its Presidency of the Council of the EU. This year, the main focus of the APF will be on privacy of electronic communications. Current open calls:...

http://www.enisa.europa.eu/media/news-items/annual-privacy-forum-2015-call-for-papers-and-latest-news


Securing Web APIs: The Basics with Node.js Examples

Introduction Public-facing APIs have tremendously increased in the last couple of years. Businesses have seen that sharing their business data with the public can be beneficial. There are many reasons for this: such as the fact that it allows the API users to create something new and interesting with the shared data, and that APIs...

http://resources.infosecinstitute.com/securing-web-apis-the-basics-with-node-js-examples/


Android: Keys are not deleted on factory-reset smartphones

Data can be recovered from factory-reset Android smartphones, even from those that were previously encrypted. Users can do hardly anything about it.

http://www.golem.de/news/android-schluessel-werden-auf-zurueckgesetzten-smartphones-nicht-geloescht-1505-114238-rss.html


Recent Breaches a Boon to Extortionists

The recent breaches involving the leak of personal data on millions of customers at online hookup site Adult Friend Finder and mobile spyware maker mSpy give extortionists and blackmailers plenty of ammunition with which to ply their trade. And there is some evidence that ne'er-do-wells are actively trading this data and planning to abuse it for financial gain.

http://feedproxy.google.com/~r/KrebsOnSecurity/~3/spK0KOTLf64/


Travel smart: Tips for staying secure on the road

Cybercriminals don't take vacations. In fact, they feast on tourists and travelers, taking advantage of people when their guards are down or when they're distracted by other pursuits. Wombat Security Technologies pulled together four essential tips from our security awareness and training materials that you can use to stay safe when you travel.

http://www.net-security.org/secworld.php?id=18421


How to Pass-the-Hash with Mimikatz

A hidden gem in mimikatz is its ability to create a trust relationship from a username and password hash.

http://blog.cobaltstrike.com/2015/05/21/how-to-pass-the-hash-with-mimikatz/


Windows Functions in Malware Analysis - Cheat Sheet - Part 1

In this article, we will learn briefly about the various Windows functions commonly encountered by malware analysts. Windows Functions Accept: This function is used to listen for incoming connections. This function indicates that the program will listen for incoming connections on a socket. It is mostly used by malware to communicate with their Command and...

http://resources.infosecinstitute.com/windows-functions-in-malware-analysis-cheat-sheet-part-1/


Exploit kit attacks more than 50 router models

Anyone operating an insecurely configured router could soon run into problems: a virus researcher has discovered an exploit kit that can attack numerous router models from well-known manufacturers.

http://heise.de/-2665387


How often should companies conduct web penetration testing?

Following our previous blog post "How long does website penetration testing take" we received a lot of questions from our customers and partners about the recommended frequency of penetration testing for their web applications. In this blog post we will answer that question.

https://www.htbridge.com/blog/how_often_conduct_web_penetration_testing.html


Cisco Unified Communications Manager Multiple Vulnerabilities

http://tools.cisco.com/security/center/viewAlert.x?alertId=38964


Cisco HCS Administrative Web Interface Arbitrary Command Execution Vulnerability

http://tools.cisco.com/security/center/viewAlert.x?alertId=38969


IBM Security Bulletins

https://www-304.ibm.com/connections/blogs/PSIRT/?lang=en_us


PostgreSQL Bugs Let Remote Users Deny Service and Obtain Potentially Sensitive Information

http://www.securitytracker.com/id/1032396


Cacti Input Validation Flaw in graph.php Lets Remote Authenticated Users Inject SQL Commands

http://www.securitytracker.com/id/1032385


VU#551972: Synology Cloud Station sync client for OS X allows regular users to claim ownership of system files

Vulnerability Note VU#551972 Synology Cloud Station sync client for OS X allows regular users to claim ownership of system files Original Release date: 26 May 2015 | Last revised: 26 May 2015 Overview The Synology Cloud Station sync client for OS X contains a setuid root executable that allows regular users to claim ownership of system files. Description CWE-276: Incorrect Default Permissions - CVE-2015-2851 The Synology Cloud Station sync client for OS X contains an executable named

http://www.kb.cert.org/vuls/id/551972


Bugtraq: Synology Photo Station multiple Cross-Site Scripting vulnerabilities

http://www.securityfocus.com/archive/1/535607


Bugtraq: Reflected Cross-Site Scripting in Synology DiskStation Manager

http://www.securityfocus.com/archive/1/535606


Bugtraq: Command injection vulnerability in Synology Photo Station

http://www.securityfocus.com/archive/1/535605


HP SiteScope Unspecified Flaw Lets Remote Authenticated Users Gain Elevated Privileges

http://www.securitytracker.com/id/1032395


GigPress <= 2.3.8 - Authenticated SQL Injection

https://wpvulndb.com/vulnerabilities/8003


NewStatPress 0.9.8 - XSS and SQL Injection

https://wpvulndb.com/vulnerabilities/8004