Daily Summary - Friday 10-07-2015

End-of-Shift report

Timeframe: Thursday 09-07-2015 18:00 − Friday 10-07-2015 18:00
Handler: Alexander Riepl
Co-Handler: n/a

Multiple vulnerabilities in Cisco TelePresence products

http://tools.cisco.com/security/center/viewAlert.x?alertId=39798
http://tools.cisco.com/security/center/viewAlert.x?alertId=39802
http://tools.cisco.com/security/center/viewAlert.x?alertId=39801
http://tools.cisco.com/security/center/viewAlert.x?alertId=39795
http://tools.cisco.com/security/center/viewAlert.x?alertId=39796
http://tools.cisco.com/security/center/viewAlert.x?alertId=39800
http://tools.cisco.com/security/center/viewAlert.x?alertId=39797


VMSA-2015-0005

VMware Workstation, Player and Horizon View Client for Windows do not set a discretionary access control list (DACL) for one of their processes. This may allow a local attacker to elevate their privileges and execute code in the security context of the affected process.

http://www.vmware.com/security/advisories/VMSA-2015-0005.html


The Massive OPM Hack Actually Hit 21 Million People

The massive hack that struck the US Office of Personnel Management affected some 21.5 million people, all of them people who had information stolen about them from a backgrounds investigation database used for evaluating people who sought classified clearances from the government.

http://www.wired.com/2015/07/massive-opm-hack-actually-affected-25-million/


Using the Yubikey's two-factor authentication on Linux

With the help of the Yubikey, an encrypted system partition on Linux can additionally be secured with two-factor authentication. In this combination, a more convenient password can also be used.

http://www.golem.de/news/systemverschluesselung-yubikeys-zwei-faktor-authentifizierung-unter-linux-nutzen-1507-115155.html


Magento patch: update is meant to plug customer data leak

The Magento shop system has gaping vulnerabilities that allow attackers to hijack admin accounts and read out customer data. The vendor has now released a patch that is meant to remedy this.

http://heise.de/-2747984


Hacking Team Shows the World How Not to Stockpile Exploits

Bank robber Willie Sutton’s famous line about why he robs banks—“because that’s where the money is”—was particularly apt this week after the Italian firm Hacking Team was hacked and at least two zero-day exploits the firm possessed were spilled to the public, along with about 400 gigabytes of company emails and other data.

http://www.wired.com/2015/07/hacking-team-shows-world-not-stockpile-exploits/


Rootkits: User Mode & Kernel Mode - Part 1

In this article, we will learn about what rootkits are and how they operate. The focus will be on two types of rootkit exploits, User Mode and Kernel Mode, and the various ways in which rootkits exploit in both modes. In this Part we will learn ..

http://resources.infosecinstitute.com/rootkits-user-mode-kernel-mode-part-1/


Programming tips for the BIOS backdoor

The hacker Cr4sh explains how he builds a backdoor into the UEFI firmware of an Intel mainboard. In the process, critical vulnerabilities in the x86 platform show up once again, above all in System Management Mode.

http://heise.de/-2748219