Daily Summary - Tuesday 23-06-2015

End-of-Shift report

Timeframe: Monday 22-06-2015 18:00 − Tuesday 23-06-2015 18:00 Handler: Alexander Riepl Co-Handler: n/a

Security updates available for Adobe Flash Player (APSB15-14)

A Security Bulletin (APSB15-14) has been published regarding security updates for Adobe Flash Player. These updates address a critical vulnerability (CVE-2015-3113), and Adobe recommends users update their product installations to the latest ..

https://blogs.adobe.com/psirt/?p=1210


Multiple vulnerabilities in Cisco products

http://tools.cisco.com/security/center/viewAlert.x?alertId=39439
http://tools.cisco.com/security/center/viewAlert.x?alertId=39440
http://tools.cisco.com/security/center/viewAlert.x?alertId=39455
http://tools.cisco.com/security/center/viewAlert.x?alertId=39457
http://tools.cisco.com/security/center/viewAlert.x?alertId=39459
http://tools.cisco.com/security/center/viewAlert.x?alertId=39460
http://tools.cisco.com/security/center/viewAlert.x?alertId=39377
http://tools.cisco.com/security/center/viewAlert.x?alertId=39458


"Free" Proxies Aren't Necessarily Free

Netflix, Hulu and a host of other content streaming services block non-U.S. users from viewing their content. As a result, many people residing in or traveling outside of the United States seek to circumvent such restrictions by using services that advertise "free" and "open" Web proxies capable of ..

http://krebsonsecurity.com/2015/06/free-proxies-arent-necessarily-free


Security hole in MacKeeper used to shove malware onto Macs

According to researchers at BAE, a recent Mac malware infestation was carried out using a security hole in a utility called MacKeeper.

https://nakedsecurity.sophos.com/2015/06/22/security-hole-in-mackeeper-used-to-shove-malware-onto-macs/


New Dridex infection vector identified - Banking Trojan's authors use Microsoft Office trick and a legitimate service to infect systems

Malware authors can sometimes be creative in order to manipulate their human targets on the one hand and to circumvent security products, too. The experts of G DATA's SecurityLabs analyzed a specially crafted Microsoft Word document ..

https://blog.gdatasoftware.com/blog/article/new-dridex-infection-vector-identified.html


XOR DDOS Mitigation and Analysis, (Tue, Jun 23rd)

I have struggled over the past recent months with a client's environment becoming infected and reinfected with an XOR DDOS trojan. The disruption and reinfection rates were costly at times. The client in question ..

https://isc.sans.edu/diary.html?storyid=19827


This Radio Bug Can Steal Laptop Crypto Keys, Fits Inside a Pita

The list of paranoia-inducing threats to your computer's security grows daily: Keyloggers, trojans, infected USB sticks, ransomware - and now the rogue falafel sandwich.

http://www.wired.com/2015/06/radio-bug-can-steal-laptop-crypto-keys-fits-inside-pita/


mTAN Trojan targets Android users again

Fake e-mails in the name of Postbank are currently circulating and ask users to install an SSL certificate app. Behind it, however, is a Trojan that, among other things, intercepts mTANs for online banking.

http://heise.de/-2721682


Moose Malware-Part 1

In this article series, we will learn about a famous Linux family of malware known as MOOSE, which is used to steal unencrypted traffic over the wire and infect other devices automatically. This malware steals HTTP cookies and performs ..

http://resources.infosecinstitute.com/moose-malware-part-1/


Edges for file renames and process kills.

With build 47 ProcDOT introduced brand new edges to visualize situations where a file is being renamed or a process is being killed by some thread. While the latter was quite easy to implement it's the renaming of files which stands out of the mass of typical frames/events in terms of ProcDOT's animation capabilities.

http://procdot.com/blog_20150623.htm


End of support for Windows Server 2003 on July 14

Microsoft has supplied its server operating system of the same generation with security updates for longer than Windows XP. But on July 14 that finally comes to an end.

http://www.heise.de/newsticker/meldung/Support-Ende-beim-Windows-Server-2003-am-14-Juli-2722123.html