End-of-Shift report
Timeframe: Friday 22-05-2015 18:00 − Tuesday 26-05-2015 18:00
Handler: Robert Waldner
Co-Handler: Stephan Richter
Annual Privacy Forum 2015: Call for Papers and latest news
The Annual Privacy Forum (APF) meeting will be taking place on the 7th and 8th of October 2015 in Luxembourg, during its Presidency of the Council of the EU. This year, the main focus of the APF will be on privacy of electronic communications.
Current open calls:...
http://www.enisa.europa.eu/media/news-items/annual-privacy-forum-2015-call-for-papers-and-latest-news
Securing Web APIs: The Basics with Node.js Examples
Introduction Public-facing APIs have tremendously increased in the last couple of years. Businesses have seen that sharing their business data with the public can be beneficial. There are many reasons for this: such as the fact that it allows the API users to create something new and interesting with the shared data, and that APIs...
http://resources.infosecinstitute.com/securing-web-apis-the-basics-with-node-js-examples/
Android: Keys are not deleted on factory-reset smartphones
Data can be recovered from factory-reset Android smartphones, including from devices that were previously encrypted. There is little users can do about it.
http://www.golem.de/news/android-schluessel-werden-auf-zurueckgesetzten-smartphones-nicht-geloescht-1505-114238-rss.html
Recent Breaches a Boon to Extortionists
The recent breaches involving the leak of personal data on millions of customers at online hookup site Adult Friend Finder and mobile spyware maker mSpy give extortionists and blackmailers plenty of ammunition with which to ply their trade. And there is some evidence that ne'er-do-wells are actively trading this data and planning to abuse it for financial gain.
http://feedproxy.google.com/~r/KrebsOnSecurity/~3/spK0KOTLf64/
Travel smart: Tips for staying secure on the road
Cybercriminals don't take vacations. In fact, they feast on tourists and travelers, taking advantage of people when their guards are down or when they're distracted by other pursuits. Wombat Security Technologies pulled together four essential tips from our security awareness and training materials that you can use to stay safe when you travel.
http://www.net-security.org/secworld.php?id=18421
How to Pass-the-Hash with Mimikatz
A hidden gem in mimikatz is its ability to create a trust relationship from a username and password hash.
http://blog.cobaltstrike.com/2015/05/21/how-to-pass-the-hash-with-mimikatz/
Windows Functions in Malware Analysis - Cheat Sheet - Part 1
In this article, we will learn briefly about the various windows functions commonly encountered by malware analysts. Windows Functions Accept: This function is used to listen for incoming connections. This function indicates that the program will listen for incoming connections on a socket. It is mostly used by malware to communicate with their Command and...
http://resources.infosecinstitute.com/windows-functions-in-malware-analysis-cheat-sheet-part-1/
Exploit kit attacks over 50 router models
Anyone running an insecurely configured router could soon run into trouble: a malware researcher has discovered an exploit kit capable of attacking numerous router models from well-known manufacturers.
http://heise.de/-2665387
How often should companies conduct web penetration testing?
Following our previous blog post "How long does website penetration testing take" we received a lot of questions from our customers and partners about the recommended frequency of penetration testing for their web applications. In this blog post we will answer that question.
https://www.htbridge.com/blog/how_often_conduct_web_penetration_testing.html
Cisco Unified Communications Manager Multiple Vulnerabilities
http://tools.cisco.com/security/center/viewAlert.x?alertId=38964
Cisco HCS Administrative Web Interface Arbitrary Command Execution Vulnerability
http://tools.cisco.com/security/center/viewAlert.x?alertId=38969
IBM Security Bulletins
https://www-304.ibm.com/connections/blogs/PSIRT/?lang=en_us
PostgreSQL Bugs Let Remote Users Deny Service and Obtain Potentially Sensitive Information
http://www.securitytracker.com/id/1032396
Cacti Input Validation Flaw in graph.php Lets Remote Authenticated Users Inject SQL Commands
http://www.securitytracker.com/id/1032385
VU#551972: Synology Cloud Station sync client for OS X allows regular users to claim ownership of system files
Vulnerability Note VU#551972 Synology Cloud Station sync client for OS X allows regular users to claim ownership of system files. Original Release date: 26 May 2015 | Last revised: 26 May 2015. Overview: The Synology Cloud Station sync client for OS X contains a setuid root executable that allows regular users to claim ownership of system files. Description: CWE-276: Incorrect Default Permissions - CVE-2015-2851. The Synology Cloud Station sync client for OS X contains an executable named
http://www.kb.cert.org/vuls/id/551972
Bugtraq: Synology Photo Station multiple Cross-Site Scripting vulnerabilities
http://www.securityfocus.com/archive/1/535607
Bugtraq: Reflected Cross-Site Scripting in Synology DiskStation Manager
http://www.securityfocus.com/archive/1/535606
Bugtraq: Command injection vulnerability in Synology Photo Station
http://www.securityfocus.com/archive/1/535605
HP SiteScope Unspecified Flaw Lets Remote Authenticated Users Gain Elevated Privileges
http://www.securitytracker.com/id/1032395
GigPress <= 2.3.8 - Authenticated SQL Injection
https://wpvulndb.com/vulnerabilities/8003
NewStatPress 0.9.8 - XSS and SQL Injection
https://wpvulndb.com/vulnerabilities/8004