End-of-Shift report
Timeframe: Monday 22-06-2015 18:00 − Tuesday 23-06-2015 18:00
Handler: Alexander Riepl
Co-Handler: n/a
Security updates available for Adobe Flash Player (APSB15-14)
A Security Bulletin (APSB15-14) has been published regarding security updates for Adobe Flash Player. These updates address a critical vulnerability (CVE-2015-3113), and Adobe recommends users update their product installations to the latest ..
https://blogs.adobe.com/psirt/?p=1210
Multiple vulnerabilities in Cisco products
http://tools.cisco.com/security/center/viewAlert.x?alertId=39439
http://tools.cisco.com/security/center/viewAlert.x?alertId=39440
http://tools.cisco.com/security/center/viewAlert.x?alertId=39455
http://tools.cisco.com/security/center/viewAlert.x?alertId=39457
http://tools.cisco.com/security/center/viewAlert.x?alertId=39459
http://tools.cisco.com/security/center/viewAlert.x?alertId=39460
http://tools.cisco.com/security/center/viewAlert.x?alertId=39377
http://tools.cisco.com/security/center/viewAlert.x?alertId=39458
"Free" Proxies Aren't Necessarily Free
Netflix, Hulu and a host of other content streaming services block non-U.S. users from viewing their content. As a result, many people residing in or traveling outside of the United States seek to circumvent such restrictions by using services that advertise "free" and "open" Web proxies capable of ..
http://krebsonsecurity.com/2015/06/free-proxies-arent-necessarily-free
Security hole in MacKeeper used to shove malware onto Macs
According to researchers at BAE, a recent Mac malware infestation was carried out using a security hole in a utility called MacKeeper.
https://nakedsecurity.sophos.com/2015/06/22/security-hole-in-mackeeper-used-to-shove-malware-onto-macs/
New Dridex infection vector identified - Banking Trojan's authors use Microsoft Office trick and a legitimate service to infect systems
Malware authors can sometimes be creative in order to manipulate their human targets on the one hand and to circumvent security products, too. The experts of G DATA's SecurityLabs analyzed a specially crafted Microsoft Word document ..
https://blog.gdatasoftware.com/blog/article/new-dridex-infection-vector-identified.html
XOR DDOS Mitigation and Analysis, (Tue, Jun 23rd)
I have struggled over the past recent months with a client's environment becoming infected and reinfected with an XOR DDOS trojan. The disruption and reinfection rates were costly at times. The client in question ..
https://isc.sans.edu/diary.html?storyid=19827
This Radio Bug Can Steal Laptop Crypto Keys, Fits Inside a Pita
The list of paranoia-inducing threats to your computer's security grows daily: Keyloggers, trojans, infected USB sticks, ransomware - and now the rogue falafel sandwich.
http://www.wired.com/2015/06/radio-bug-can-steal-laptop-crypto-keys-fits-inside-pita/
mTAN trojan targets Android users once again
Fake e-mails in the name of Postbank are currently making the rounds, asking users to install an SSL certificate app. Behind it, however, is a trojan that, among other things, intercepts mTANs for online banking.
http://heise.de/-2721682
Moose Malware-Part 1
In this article series, we will learn about a famous Linux family of malware known as MOOSE, which is used to steal unencrypted traffic over the wire and infect other devices automatically. This malware steals HTTP cookies and performs ..
http://resources.infosecinstitute.com/moose-malware-part-1/
Edges for file renames and process kills.
With build 47 ProcDOT introduced brand new edges to visualize situations where a file is being renamed or a process is being killed by some thread. While the latter was quite easy to implement it's the renaming of files which stands out of the mass of typical frames/events in terms of ProcDOT's animation capabilities.
http://procdot.com/blog_20150623.htm
End of support for Windows Server 2003 on July 14
Microsoft has supplied its server operating system of the same generation with security updates for longer than Windows XP. But on July 14 that finally comes to an end.
http://www.heise.de/newsticker/meldung/Support-Ende-beim-Windows-Server-2003-am-14-Juli-2722123.html