Daily Summary - Friday 21-10-2016

End-of-Shift report

Timeframe: Thursday 20-10-2016 18:00 − Friday 21-10-2016 18:00 Handler: Robert Waldner Co-Handler: Alexander Riepl

iCloud Phishing Campaign Zycode Back From the Dead

http://threatpost.com/icloud-phishing-campaign-zycode-back-from-the-dead/121424/


EMC Avamar Data Store and Virtual Edition Unspecified Flaw Lets Remote Authenticated Users Gain Elevated Privileges

http://www.securitytracker.com/id/1037066


Hack.lu 2016 Wrap-Up Day #3

The third day is already over! I’m just back at home so it’s time for a last quick wrap-up before recovering before BruCON which is organized next week! Damien ..

https://blog.rootshell.be/2016/10/20/hack-lu-2016-wrap-day-3/


Oracle Critical Patch Update Advisory - October 2016

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html


Moxa EDR-810 Industrial Secure Router Privilege Escalation Vulnerability

This advisory contains mitigation details for a privilege escalation vulnerability in Moxa’s EDR-810 Industrial Secure Router.

https://ics-cert.us-cert.gov/advisories/ICSA-16-294-01


“Most serious” Linux privilege-escalation bug ever is under active exploit (updated)

While CVE-2016-5195, as the bug is cataloged, amounts to a mere privilege-escalation ..

http://arstechnica.com/security/2016/10/most-serious-linux-privilege-escalation-bug-ever-is-under-active-exploit/


CVE-2016-2848: A packet with malformed options can trigger an assertion failure in ISC BIND versions released prior to May 2013

A packet with a malformed options section can be used to deliberately trigger an assertion ..

https://kb.isc.org/article/AA-01433/74/CVE-2016-2848


Nagios XI 5.2.9 Cross Site Scripting / Open Redirect

https://cxsecurity.com/issue/WLB-2016100203


Doctor Web examines new backdoor for Linux

October 20, 2016 Most backdoor Trojans are created for Microsoft Windows; however, a few of them can infect Linux devices. This rare type of Trojan ..

http://news.drweb.com/show/?i=10265&lng=en&c=9


Vuln: Multiple Synology DiskStation Products CVE-2016-6554 Insecure Default Password Vulnerability

http://www.securityfocus.com/bid/93805


Warning about fake BAWAG PSK phishing email

In a fake BAWAG PSK message, criminals claim that “an urgent ..

https://www.watchlist-internet.at/phishing/warnung-vor-gefaelschter-bawag-psk-phishingmail/


Dridex - an old dog is learning new tricks

A lot of things have been said and written about Dridex in the past few months. It has risen and fallen in prevalence and it was rumored that its makers collaborate ..

https://blog.gdatasoftware.com/2016/10/29261-dridex-an-old-dog-is-learning-new-tricks


New ESET research paper puts Sednit under the microscope

Security researchers at ESET have released their latest research into the notorious Sednit ..

http://www.welivesecurity.com/2016/10/20/new-eset-research-paper-puts-sednit-under-the-microscope/


SSA-296574 (Last Update 2016-10-21): Denial of Service in SICAM RTU Devices

https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-296574.pdf


Hax0rs sow Discord by using VoIP service to sling malware at gamers

Not even playtime's safe these days. Hackers abused a free VoIP service for gamers to distribute remote-access Trojans and other malware.

www.theregister.co.uk/2016/10/21/gaming_voip_service_malware_abuse/


DDoS on Dyn Impacts Twitter, Spotify, Reddit

Criminals this morning massively attacked Dyn, a company that provides core Internet services ..

https://krebsonsecurity.com/2016/10/ddos-on-dyn-impacts-twitter-spotify-reddit/