Daily Summary - Wednesday 30-03-2016

End-of-Shift report

Timeframe: Tuesday 29-03-2016 18:00 − Wednesday 30-03-2016 18:00 Handler: Robert Waldner Co-Handler: Alexander Riepl

CareFusion Pyxis SupplyStation System Vulnerabilities

This medical advisory contains mitigation details for numerous third-party software vulnerabilities in end-of-life versions of CareFusion's Pyxis SupplyStation system.

https://ics-cert.us-cert.gov/advisories/ICSMA-16-089-01


Websites Hacked Redirect to Porn from PDF / DOC Links

We write a lot about various blackhat SEO hacks on this blog and most of you are already familiar with such things as doorways, cloaking and SEO poisoning. This time we'll tell you about yet another interesting blackhat SEO attack that we've been watching for the last year. Let's begin with ..

https://blog.sucuri.net/2016/03/pdf-doc-urls-redirect-to-porn.html


CloudFlare <= 1.3.20 - Cross-Site Scripting (XSS)

https://wpvulndb.com/vulnerabilities/8428


The Topology of Malicious Activity on IPv4

There has been a great deal of academic and industry focus on identifying malicious activity across autonomous systems, and for good reasons. Over 50% of 'good' Internet traffic comes from large, ocean-like ASes pushing content from companies like Netflix, Google, Facebook, Apple and Amazon. However, ..

http://www.suchin.co/2016/03/23/Topology-Of-Malicious-Activity/


Operating system: OpenBSD 5.9 filters system calls extensively

The facility for filtering and restricting system calls has been extended to many applications in OpenBSD 5.9. The system also now supports newer laptops better, thanks to UEFI and 802.11n Wi-Fi.

http://www.golem.de/news/betriebssystem-openbsd-5-9-filtert-weitgehend-systemaufrufe-1603-120030.html


Scammers Impersonate ISPs in New Tech Support Campaign

Scammers devise a new ploy to trick users into thinking their own ISP is warning them about malware.

https://blog.malwarebytes.org/threat-analysis/2016/03/scammers-impersonate-isps-in-new-tech-support-campaign/


[HTB23298]: Multiple Vulnerabilities in CubeCart

High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in popular open source shopping software CubeCart. The discovered vulnerabilities allow a remote attacker to compromise vulnerable website and its databases, and conduct sophisticated attacks against its users.

https://www.htbridge.com/advisory/HTB23298


System Integrity Protection: Apple's rootless zone is not so rootless after all

With El Capitan, Apple wants to prevent bad guys with root privileges from breaking the system. Unfortunately, the security concept also known as Rootless has many holes and therefore does not fully work at the moment.

http://heise.de/-3157130


Cyber criminals' favourite: Flash

Flash vulnerabilities alone account for 13 of the top 15 most-exploited security holes, report the antivirus experts at the Finnish company F-Secure.

http://heise.de/-3157553