Tageszusammenfassung - Dienstag 28-07-2015

End-of-Shift report

Timeframe: Montag 27-07-2015 18:00 − Dienstag 28-07-2015 18:00 Handler: Alexander Riepl Co-Handler: n/a

Cisco Firepower 9000 Series Unauthenticated Web Page Vulnerability

http://tools.cisco.com/security/center/viewAlert.x?alertId=40136

---

Cisco Email Security Appliance AsyncOS Cross-Site Scripting Vulnerability

http://tools.cisco.com/security/center/viewAlert.x?alertId=40172

---

Angler Exploit Kit Used to Find and Infect PoS Systems

An attack aiming to infect PoS systems was found using the Angler Exploit Kit to push a PoS reconnaissance Trojan,This Trojan, detected as TROJ_RECOLOAD.A, checks for multiple conditions in the infected system like if it is a PoS machine or part of a PoS ..

http://blog.trendmicro.com/trendlabs-security-intelligence/angler-exploit-kit-used-to-find-and-infect-pos-systems/

---

PHP File Manager hat gravierende Sicherheitslücken

Seit Jahren ungepatchte Schwachstellen im PHP File Manager gefährden zahlreiche Server, darunter auch von großen Unternehmen. Der Hersteller reagiert nicht auf Anfragen

http://www.golem.de/news/security-php-file-manager-hat-gravierende-sicherheitsluecken-1507-115457.html

---

2. Konferenz zur Cyber Security Challenge: Das Programm steht

Die Gefahren und andererseits die Möglichkeiten zum Schutz und der Prävention vor Cyberangriffen sind das zentrale Thema der 2. Konferenz zur Cyber Security Challenge Germany Mitte September in Berlin.

http://heise.de/-2761878

---

[2015-07-28] McAfee Application Control multiple vulnerabilities

McAfee Application Control contains multiple vulnerabilities which can be used by an attacker to bypass the provided application whitelisting protection and attack availability of the system. Moreover, the identified vulnerabilities negatively affect the security of the underlying operating system.

https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150728-0_McAfee_Application_Control_Multiple_Vulnerabilities_v10.txt

---

IMI 2015 - IT meets Industry 29.-30. September 2015

Interconnecting IT and Automation offers great opportunities for the operation of industrial production sites. However, this may carry along some complex risks. With the title “IT meets Industry” IMI 2015 brings together the ICS- and IT-Community. The goal: make the most of opportunities – and minimise risks.

https://it-meets-industry.de/

---

Honeynet-Projekt analysiert Gefahren für Industrie 4.0

Acht Monate lang beobachteten Experten des TÜV SÜD, welche Angriffe von wo aus auf ihr simuliertes Wasserwerk erfolgten. Ihre Erkenntnisse sollten arglose Unternehmen spätestens jetzt wachrütteln.

http://heise.de/-2763978

---

Aaron Zauner presented preliminary results on TLS usage in email

Aaron Zauner presented our preliminary results on the usage of TLS in the email ecosystem at the IETF meeting last week. As part of our project TLSiP we are actively scanning the Internet (/0) for TLS configurations as well as its problems with it. As ..

https://www.sba-research.org/2015/07/28/aaron-zauner-presented-preliminary-results-on-tls-usage-in-email/

---

The Russian Underground - Revamped

When big breaches happen and hundreds of millions of credit card numbers and SSNs get stolen, they resurface in other places. The underground now offers a vast landscape of shops, where criminals can buy credit cards and other things at irresistible prices. Million dollar breaches News and media coverage ..

http://blog.trendmicro.com/trendlabs-security-intelligence/the-russian-underground-revamped/

---

Cisco 2015 Midyear Security Report [PDF]

http://www.cisco.com/web/offers/pdfs/cisco-msr-2015.pdf

---

Security: Apples App Store als Einfallstor für Schadcode

Über eine Schwachstelle in der Verarbeitung von Belegen für Einkäufe in Apples App Store lässt sich Code auf fremden Rechnern einschleusen.

http://www.golem.de/news/security-apples-app-store-als-einfallstor-fuer-schadcode-1507-115466.html