End-of-Shift report
Timeframe: Wednesday 02-11-2016 18:00 − Thursday 03-11-2016 18:00
Handler: Stephan Richter
Co-Handler: n/a
Unpatched Vulnerability on Wix.com Puts Millions of Sites at Risk
Wix websites are vulnerable to a reflective DOM cross-site scripting attack that could give attackers control of users' websites.
http://threatpost.com/unpatched-vulnerability-on-wix-com-puts-millions-of-sites-at-risk/121752/
Malware: AdWords ad links to fake Google Chrome
A malware campaign targeting Apple users offers fake versions of Google's Chrome browser. The scammers used Google's own AdWords ads, of all things, to trick victims.
http://www.golem.de/news/malware-adwords-anzeige-verlinkt-auf-falschen-google-chrome-1611-124224-rss.html
Recognizing Packed Malware and its Unpacking Approaches-Part 2
In Part 1 of this article series, we had a look at the ways to recognize packed executables and various ways to automate the unpacking process. In this article, we will look at the manual process of unpacking a packed malware specimen. In the last article, we have seen how the malware specimen was packed...
http://resources.infosecinstitute.com/recognizing-packed-malware-and-its-unpacking-approaches-part-2/
Already 30,000 attacks: experts warn of Joomla vulnerability
Cybercriminals gain elevated privileges - website operators should update to the latest version immediately
http://derstandard.at/2000046902782
Barracuda: Outage caused by large number of inbound connections
Yet firm refuses to say the word DDoS. What are they hiding? Outage-hit security firm Barracuda appears to have been struck down by a DDoS - though the firm says it's still investigating and refuses to confirm or deny it.
http://go.theregister.com/feed/www.theregister.co.uk/2016/11/03/barracuda_outage_firm_wont_confirm_ddos/
These 12+ Internet Crime Stories Will Make You Care about Cybersecurity [Updated]
Online security seems such an abstract and distant field, where other people get hurt, but you somehow stay safe, either by luck or internet savvy. But the truth is, it could happen to anyone, and it might even have happened to you in the past. They say that nothing beats learning from experience, but sometimes it's best...
https://heimdalsecurity.com/blog/12-true-stories-that-will-make-you-care-about-cyber-security/
Browser extensions: Suddenly naked on the net
All search terms, all websites - the browser history of an entire month is up for sale. Our author experienced what it is like when one's own data becomes a commodity.
http://www.golem.de/news/browsererweiterungen-ploetzlich-nackt-im-netz-1611-124235-rss.html
Ubuntu Core Snaps door shut on Linux's new Dirty COWs
When did Linux start becoming like Windows? Canonical has released Ubuntu Core 16 for IoT, featuring Linux self-patching for a generation of users against future Bash or Dirty COWs.
http://go.theregister.com/feed/www.theregister.co.uk/2016/11/03/ubuntu_core_snaps_door_shut_on_new_dirty_cows/
HPSBUX03664 SSRT110248 rev.1 HP-UX BIND Service running named, Remote Denial of Service (DoS)
Potential security vulnerabilities have been identified in the HP-UX BIND service running named. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS).
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05321107
Security Advisory: BIG-IP virtual server TCP sequence numbers vulnerability
https://support.f5.com:443/kb/en-us/solutions/public/k/68/sol68401558.html?ref=rss
Security Advisory: OpenSSL vulnerability CVE-2016-6304
https://support.f5.com:443/kb/en-us/solutions/public/k/54/sol54211024.html?ref=rss
Security Advisory: BIND vulnerability CVE-2016-8864
https://support.f5.com:443/kb/en-us/solutions/public/k/35/sol35322517.html?ref=rss
IBM Security Bulletins
IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects WebSphere Application Server October 2016 CPU (CVE-2016-5573, CVE-2016-5597)
http://www-01.ibm.com/support/docview.wss?uid=swg21993440
IBM Security Bulletin: Multiple vulnerabilities may affect IBM WebSphere Real Time
https://www-01.ibm.com/support/docview.wss?uid=swg21993501
IBM Security Bulletin: Lotus Protector for Mail Security Affected By Multiple Open Source OpenSSL Vulnerabilities
http://www.ibm.com/support/docview.wss?uid=swg21992348
IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Tivoli Netcool Configuration Manager (ITNCM) (CVE-2016-3426)
http://www-01.ibm.com/support/docview.wss?uid=swg21992149
IBM Security Bulletin: Password Disclosure via application tracing in IBM Tivoli Storage Manager Client (CVE-2016-0371)
http://www.ibm.com/support/docview.wss?uid=swg21985114
IBM Security Bulletin: A Vulnerability in OpenSource Apache Taglibs Vulnerability affect Content Integrator (CVE-2015-0254)
http://www-01.ibm.com/support/docview.wss?uid=swg21993243