Daily Summary - Friday 26-06-2015

End-of-Shift report

Timeframe: Thursday 25-06-2015 18:00 − Friday 26-06-2015 18:00 Handler: Alexander Riepl Co-Handler: n/a

Multiple Default SSH Keys Vulnerabilities in Cisco Virtual WSA, ESA, and SMA

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport


Magento Platform Targeted By Credit Card Scrapers

We've been writing a lot about E-Commerce hacks and PCI Compliance recently. The more people buy things online, the more of an issue this will become and the more important it will ..

https://blog.sucuri.net/2015/06/magento-platform-targeted-by-credit-card-scrapers.html


MMD-0034-2015 - New ELF Linux/DES.Downloader on Elasticsearch CVE-2015-1427 exploit

This is a tough writing, and many additions will be added after the initial release. We are pushed to release this as an alert of an ongoing attack; it is a real malware incident ..

http://blog.malwaremustdie.org/2015/06/mmd-0034-2015-new-elf.html


That shot you heard? SSLv3 is now DEAD

It's joined the choir invisible. We really, really, really mean it this time: take SSL3 and bury ..

http://www.theregister.co.uk/2015/06/26/that_shot_you_heard_sslv3_is_now_dead/


EU investigators break up ring of online banking fraudsters

Various authorities from across Europe have carried out a successful operation against cyber criminals who used banking trojans on a large scale across all continents.

http://heise.de/-2729777


Windows Server 2003 still on a third of all servers: end of support in July

On 14 July, support for Windows Server 2003, Server 2003 R2 and Small Business Server 2003 ends. From then on there will be no new updates, hotfixes or security updates for the twelve-year-old system.

http://derstandard.at/2000018075592


Polycom RealPresence Resource Manager critical vulnerabilities allow surveillance on conferences

Multiple remote vulnerabilities (arbitrary file disclosure, path traversal, arbitrary file upload, privilege escalation in the web application) combined with local vulnerabilities (sudo misconfiguration, weak filesystem permissions) allow an ..

https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150626-0_Polycom_RealPresence_Resource_Manager_Critical_Vulnerabilities_v10.txt


Siemens Climatix BACnet/IP Communication Module Cross-site Scripting Vulnerability

This advisory provides mitigation details for an identified cross-site scripting vulnerability in the Siemens Climatix BACnet/IP communication module.

https://ics-cert.us-cert.gov/advisories/ICSA-15-176-01


PACTware Exceptional Conditions Vulnerability

This advisory provides mitigation details for a handling of exceptional conditions vulnerability in the PACTware Consortium PACTware application.

https://ics-cert.us-cert.gov/advisories/ICSA-15-176-02


Latest spam filter test sees significant drop in catch rates

Despite a drop in catch rates, 15 products earn a VBSpam award, with four earning a VBSpam+ award. Spam is notoriously volatile and thus, while we like to make the news headlines with our tests as much as anyone, we would warn against ..

http://www.virusbtn.com/blog/2015/06_26.xml


ZDI-15-262: HP System Management Homepage Single Sign On Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard System Management Homepage. Authentication is not required to exploit this vulnerability.

http://www.zerodayinitiative.com/advisories/ZDI-15-262/