End-of-Shift report
Timeframe: Dienstag 07-07-2015 18:00 − Mittwoch 08-07-2015 18:00
Handler: Alexander Riepl
Co-Handler: n/a
Security Advisory for Adobe Flash Player (APSA15-03)
A Security Advisory (APSA15-03) has been published regarding a critical vulnerability (CVE-2015-5119) in Adobe Flash Player 18.0.0.194 and earlier versions for Windows, ..
https://blogs.adobe.com/psirt/?p=1223
Security Updates Available for Adobe Flash Player (APSB15-16)
A security bulletin (APSB15-16) has been published regarding security updates for Adobe Flash Player. These updates address critical vulnerabilities that could potentially ..
https://blogs.adobe.com/psirt/?p=1228
Multiple vulnerabilities in Cisco products
http://tools.cisco.com/security/center/viewAlert.x?alertId=39675
http://tools.cisco.com/security/center/viewAlert.x?alertId=39643
http://tools.cisco.com/security/center/viewAlert.x?alertId=39641
http://tools.cisco.com/security/center/viewAlert.x?alertId=39623
CVE-2015-5119 (HackingTeam 0d - Flash up to 18.0.0.194) and Exploit Kits
http://malware.dontneedcoffee.com/2015/07/hackingteam-flash-0d-cve-2015-xxxx-and.html
When ‘int’ is the new ‘short’
This is going to be a quick post, just describing a particularly interesting Chrome issue that I found last month; how I found it; and what is interesting about it�I was looking through some Chrome networking code; and I noticed an interesting API design ..
http://googleprojectzero.blogspot.com/2015/07/when-int-is-new-short.html
Windows 10 kann WLAN-Passwörter an Kontakte verteilen
In Windows 10 lässt sich das WLAN-Passwort automatisch an Facebook-Freunde oder Skype-Kontakte verteilen. Das erspart das lästige Diktieren von Kennwörtern bei Besuch, bringt aber auch Risiken mit sich.
http://www.golem.de/news/it-sicherheit-windows-10-kann-wlan-passwoerter-an-kontakte-verteilen-1507-115107.html
Schwachstelle in Nameserversoftware BIND 9
Ein Angreifer, der einen Nameserver mit aktivierter DNSSEC-Validierung dazu bringen kann, eine Zone mit speziellem Inhalt abzufragen, kann den Nameserver zum Absturz bringen.
https://cert.at/warnings/all/20150708.html
"Zero-Day"-Sicherheitslücke in Adobe Flash Player (aktiv ausgenützt) - Patches jetzt verfügbar
Durch Ausnutzen dieser Lücke kann ein Angreifer vermutlich vollständige Kontrolle über betroffene Systeme erlangen. Damit sind alle Daten auf diesen Systemen, sowie alle durch diese erreichbaren (etwa durch Login, VPN etc.) Daten und Systeme gefährdet.
https://cert.at/warnings/all/20150708-2.html
Dyre Banking Trojan Exploits CVE-2015-0057
CVE-2015-0057 is a Use-After-Free vulnerability that exists in the win32k.sys component of the Windows Kernel which can be exploited to perform local privilege escalation. The vulnerability was reported to Microsoft by Udi Yavo, and, after the patch ..
https://www.fireeye.com/blog/threat-research/2015/07/dyre_banking_trojan.html
Prenotification: Upcoming Security Updates for Adobe Acrobat and Reader (APSB15-15)
A prenotification security advisory has been posted regarding upcoming Adobe Acrobat and Reader updates scheduled for Tuesday, July 14, 2015. We will continue to provide updates on the upcoming release via the Security Bulletins and Advisories page as well ..
https://blogs.adobe.com/psirt/?p=1232
Wild Neutron – Economic espionage threat actor returns with new tricks
A powerful threat actor known as “Wild Neutron” (also known as “Jripbot” and “Morpho”) has been active since at least 2011, infecting high profile companies for several years by using a combination of exploits, watering holes and multi-platform malware.
https://securelist.com/blog/research/71275/wild-neutron-economic-espionage-threat-actor-returns-with-new-tricks/