Tageszusammenfassung - Freitag 8-01-2016

End-of-Shift report

Timeframe: Donnerstag 07-01-2016 18:00 − Freitag 08-01-2016 18:00 Handler: Robert Waldner Co-Handler: Stephan Richter

Upcoming Security Updates for Adobe Acrobat and Reader (APSB16-02)

A prenotification Security Advisory (APSB16-02) has been posted regarding upcoming updates for Adobe Acrobat and Reader scheduled for Tuesday, January 12, 2016. We will continue to provide updates on the upcoming release via the Security Advisory as well as the...

https://blogs.adobe.com/psirt/?p=1308

Android-powered smart TVs targeted by malicious apps

Smart TVs running older versions of Android are being targeted by several websites offering apps containing malware, according to Trend Micro.The security vendor wrote on Thursday that it found a handful of app websites targeting people in the U.S. and Canada by offering the malicious apps.The apps are exploiting a flaw in Android that dates to 2014, showing that many smart TVs do not have the latest patches."Most smart TVs today use older versions of Android, which still contain this...

http://www.cio.com/article/3020357/android-powered-smart-tvs-targeted-by-malicious-apps.html#tk.rss_security

Good news, OAuth is almost secure

Boffins turn up a couple of protocol vulns in Facebooks login stanard German boffins believe there are protocol flaws in Facebooks ubiquitous OAuth protocol that render it vulnerable to attack.

http://go.theregister.com/feed/www.theregister.co.uk/2016/01/08/good_news_oauth_is_ialmosti_secure/

Anschlussmissbrauch durch schwerwiegende Lücke bei o2

Seit über einem Jahr versucht o2 eine Schwachstelle im DSL-Netz zu schließen, durch die man fremde VoIP-Anschlüsse kapern kann. Bisher ist das nur zum Teil gelungen.

http://heise.de/-3066225

Checkpoint chaps hack whacks air-gaps flat

Bought a shiny IP KVM? Uh-oh 32c3 Checkpoint malware men Yaniv Balmas and Lior Oppenheim have developed an air gap-hopping malware system that can quietly infect, plunder, and maintain persistence on networked and physically separated computers.

http://go.theregister.com/feed/www.theregister.co.uk/2016/01/08/checkpoint_chaps_hack_whacks_airgaps_flat/

Streaming-Dongle EZCast öffnet Hintertür ins Heimnetzwerk

Sicherheitsforscher haben Schwachstellen im HDMI-Dongle EZCast entdeckt. Über die können sich Angreifer Zugang zum Heimnetzwerk des Anwenders verschaffen - unabhängig davon, wie gut das Netz sonst geschützt ist.

http://heise.de/-3066210

Sicherheitspatches: VMware unterbindet Rechteausweitung

VMware dichtet seine Anwendungen ESXi, Fusion, Player und Workstation ab. Die abgesicherten Versionen stehen für Linux, OS X und Windows bereit. Von der Lücke scheint aber nur Windows bedroht zu sein.

http://www.heise.de/newsticker/meldung/Sicherheitspatches-VMware-unterbindet-Rechteausweitung-3066757.html?wt_mc=rss.ho.beitrag.rdf

Blocking Shodan isnt some sort of magical fix that will protect your data

Earlier this week, a threat alert from Check Point singled out Shodan as a risk to enterprise operations. The advisory warns Check Point customers about the service, highlighting some of the instances where sensitive data was exposed to the public because Shodan indexed it. When asked about the advisory [archive], Ron Davidson, Head of Threat Intelligence and Research at Check Point, said the company was seeing an increase in the variety and frequency of suspect scans, "including scanners...

http://www.csoonline.com/article/3020108/techology-business/blocking-shodan-isnt-some-sort-of-magical-fix-that-will-protect-your-data.html#tk.rss_applicationsecurity

Apple beseitigt gravierende QuickTime-Sicherheitslücken für Windows

Angreifer können mit Hilfe einer manipulierten Videodatei Schadcode einschleusen, erklärt Apple. Das Update beseitigt die Schwachstellen in Windows 7 und Vista.

http://heise.de/-3067145

Cracking Damn Insecure and Vulnerable App (DIVA) - Part 2:

In the previous article, we have seen the solutions for the first two challenges. In this article we will discuss the insecure data storage vulnerabilities in DIVA.

http://resources.infosecinstitute.com/cracking-damn-insecure-and-vulnerable-app-diva-part-2/

rt-sa-2015-005

o2/Telefonica Germany: ACS Discloses VoIP/SIP Credentials

https://www.redteam-pentesting.de/advisories/rt-sa-2015-005.txt

VMSA-2016-0001

VMware ESXi, Fusion, Player, and Workstation updates address important guest privilege escalation vulnerability

http://www.vmware.com/security/advisories/VMSA-2016-0001.html

PHP Bugs May Let Remote Users Obtain Potentially Sensitive Information, Gain Elevated Privileges, or Execute Arbitrary Code

http://www.securitytracker.com/id/1034608

APPLE-SA-2016-01-07-1 QuickTime 7.7.9

APPLE-SA-2016-01-07-1 QuickTime 7.7.9[Re-sending with a valid signature]QuickTime 7.7.9 is now available and addresses the following:QuickTimeAvailable for: Windows 7 and Windows VistaImpact: Viewing a maliciously crafted movie file may lead to an [...]

http://prod.lists.apple.com/archives/security-announce/2016/Jan/msg00001.html

DFN-CERT-2016-0001: Mozilla Firefox, Network Security Services, OpenSSL, GnuTLS: Eine Schwachstelle ermöglicht das Umgehen von Sicherheitsvorkehrungen

https://portal.cert.dfn.de/adv/DFN-CERT-2016-0001/

USN-2865-1: GnuTLS vulnerability

Ubuntu Security Notice USN-2865-18th January, 2016gnutls26, gnutls28 vulnerabilityA security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.04 Ubuntu 14.04 LTS Ubuntu 12.04 LTSSummaryGnuTLS could be made to expose sensitive information over the network.Software description gnutls26 - GNU TLS library gnutls28 - GNU TLS library DetailsKarthikeyan Bhargavan and Gaetan Leurent discovered that GnuTLS incorrectlyallowed MD5 to be used for TLS 1.2 connections. If a remote...

http://www.ubuntu.com/usn/usn-2865-1/

Bugtraq: [security bulletin] HPSBUX03435 SSRT102977 rev.1 - HP-UX Web Server Suite running Apache, Remote Denial of Service (DoS)

http://www.securityfocus.com/archive/1/537254