End-of-Shift report
Timeframe: Monday 11-01-2016 18:00 − Tuesday 12-01-2016 18:00
Handler: Alexander Riepl
Co-Handler: n/a
Angler Exploit Kit Continues to Evade Detection: Over 90,000 Websites Compromised
Exploit Kits (EK), arguably the most impactful malicious infrastructure on the Internet, constantly evolve to evade detection by security technology. Tremendous effort has been spent on tracking new variations of different EK families. In ..
http://researchcenter.paloaltonetworks.com/2016/01/angler-exploit-kit-continues-to-evade-detection-over-90000-websites-compromised/
Mac OS X, iOS, and Flash Had the Most Discovered Vulnerabilities in 2015
Interesting analysis: Which software had the most publicly disclosed vulnerabilities this year? The winner is none other than Apple's Mac OS X, with 384 vulnerabilities. The runner-up? Apple's iOS, with 375 vulnerabilities. Rounding out the top five are Adobe's Flash Player, with 314 vulnerabilities; Adobe's AIR ..
https://www.schneier.com/blog/archives/2016/01/mac_os_x_ios_an.html
DSA-3440 sudo - security update
When sudo is configured to allow a user to edit files under a directory that they can already write to without using sudo, they can actually edit (read and write) arbitrary files. Daniel Svartman reported that a configuration like this might ..
https://www.debian.org/security/2016/dsa-3440
Ransom32 - look at the malicious package
Ransom32 is a new ransomware implemented in a very atypical style. In our post, we will focus on some implementation details of the malicious package.
https://blog.malwarebytes.org/intelligence/2016/01/ransom32-look-at-the-malicious-package/
Say 'Cyber' again - Ars cringes through CSI: Cyber
CBS' endangered cyber-procedural: Plane hacking! Software defined radio! White noise! OMG!
http://arstechnica.com/the-multiverse/2016/01/say-cyber-again-ars-cringes-through-csi-cyber/
McAfee Application Control - The dinosaurs want their vuln back
The experts of the SEC Consult Vulnerability Lab conducted research in the field of the security of application whitelisting in critical infrastructures. In the course of that research the security of McAfee Application Control was checked. The experts developed several methods to bypass the provided protections ..
http://blog.sec-consult.com/2016/01/mcafee-application-control-dinosaurs.html
(ISC)2 SecureAustria
How can we know what we are protecting if we struggle to understand and keep up with how we and our organizations are changing? It's time to get a grip on the far-reaching and fundamental changes that are occurring in business today.
https://www.sba-research.org/events/isc2-secureaustria/
Security: End of support for old IE versions affects one in five web users
Over the years, Microsoft has released a multitude of different versions of Internet Explorer. Now it is shedding its support obligations for a large share of them: effective immediately, Microsoft will no longer deliver any updates for Internet Explorer 8 through 10.
http://derstandard.at/2000028882047
Cops Say They Can Access Encrypted Emails on So-Called PGP BlackBerrys
Dutch investigators have confirmed to Motherboard that they are able to read encrypted messages sent on PGP BlackBerry phones - custom, security-focused BlackBerry devices that come complete with an encrypted email feature, and which reportedly may be used by organized criminal groups.
https://motherboard.vice.com/read/cops-say-they-can-access-encrypted-emails-on-so-called-pgp-blackberrys
Ongoing Sophisticated Malware Campaign Compromising ICS (Update C)
This alert update is a follow-up to the updated NCCIC/ICS-CERT Alert titled ICS-ALERT-14-281-01B Ongoing Sophisticated Malware Campaign Compromising ICS that was published December 10, 2014, on the ICS-CERT web site. | ICS-CERT has identified a sophisticated malware campaign that has compromised numerous ..
https://ics-cert.us-cert.gov/alerts/ICS-ALERT-14-281-01B
Experts warn Neutrino and RIG exploit kit activity spike
Security experts at Heimdal Security are warning of a spike in cyber attacks leveraging the popular Neutrino and RIG exploit kits. Cyber criminals always exploit new opportunities and users' bad habits; now crooks behind the recent campaigns relying on Neutrino and RIG exploit kits are ramping up attacks ..
http://securityaffairs.co/wordpress/43482/cyber-crime/neutrino-rig-exploit-kit.html
Group using DDoS attacks to extort business gets hit by European law enforcement
On 15 and 16 December, law enforcement agencies from Austria, Bosnia and Herzegovina, Germany and the United Kingdom joined forces with Europol in the framework of an operation against the ...
http://www.net-security.org/secworld.php?id=19314
Severe security vulnerabilities in Trend Micro's password manager
Google researcher Tavis Ormandy once again uncovers vulnerabilities in antivirus software. At Trend Micro he notes in dismay: "The most ridiculous thing I have ever seen."
http://heise.de/-3069140
UPC: Default Wi-Fi passwords trivially easy to crack
New hack allows calculation based on the ESSID – UPC is considering legal action against the security researcher.
http://derstandard.at/2000028921659
An Easy Way for Hackers to Remotely Burn Industrial Motors
Devices that control the speed of industrial motors operating water plant pumps and other equipment can be remotely hacked and destroyed.
http://www.wired.com/2016/01/an-easy-way-for-hackers-to-remotely-burn-industrial-motors/