End-of-Shift report
Timeframe: Wednesday 30-03-2016 18:00 − Thursday 31-03-2016 18:00
Handler: Alexander Riepl
Co-Handler: n/a
Google, too, was supposed to unlock smartphones for US authorities
The current dispute over locked smartphones belonging to suspected criminals revolves entirely around Apple and the FBI, but US authorities have also sent numerous requests of this kind to Google. The civil rights organization ACLU has found this out.
http://www.golem.de/news/nicht-nur-apple-auch-google-sollte-fuer-us-behoerden-smartphones-entsperren-1603-120050.html
Vulnerability in SAP software: hundreds of thousands of companies at risk
German authorities rate the flaws as "critical", fixed only since October
http://derstandard.at/2000033938536
Trend Micro products opened a trivial backdoor
Antivirus software is supposed to protect the system from malicious software. Increasingly often, however, it turns out that it can itself serve as an entry point. A security expert demonstrates this once again with Trend Micro's security products.
http://heise.de/-3159436
Automated medication dispensers with more than 1400 security vulnerabilities
Outdated SupplyStation systems are still in use in hospitals and have thousands of security vulnerabilities. The ICS-CERT in the USA is therefore warning of the security risk posed by these medication dispensers.
http://heise.de/-3159439
Snort Covert Channels
Lab 3: Covert Channels Covert channels are used by outside attackers to establish communications with the compromised system, or by malicious insiders to secretly transfer data to unauthorized locations. There are various implementations ..
http://resources.infosecinstitute.com/snort-covert-channels/
Security best practices for git users
In recent years git has become one of the most popular SCM/Version Control systems. Usage in some high-profile open-source projects like Linux or Raspberry Pi and support from vendors like GitHub and GitLab definitively helped to gain fame. As ..
http://resources.infosecinstitute.com/security-best-practices-for-git-users/
PowerWare 'Fileless Infection' Deepens Ransomware Conundrum for Healthcare Providers
The recent wave of ransomware attacks on healthcare institutions is not only raising questions about contingency planning, but also about whether healthcare is becoming the 'go-to' target for cyber extortionists looking to make quick ..
https://www.alienvault.com/blogs/security-essentials/powerware-fileless-infection-deepens-ransomware-conundrum-for-healthcare-providers
DFN-CERT PGP key
https://www.dfn-cert.de/aktuell/dfn-cert-schluessel.html
Cisco Firepower Malware Block Bypass Vulnerability
A vulnerability in the malicious file detection and blocking features of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160330-fp
Let Me Get That Door for You: Remote Root Vulnerability in HID Door Controllers
If you've ever been inside an airport, university campus, hospital, government complex, or office building, you've probably seen one of HID's brand of card readers standing guard over a restricted area. HID is one of the world's largest ..
http://blog.trendmicro.com/let-get-door-remote-root-vulnerability-hid-door-controllers/
The Linux Remaiten malware is building a Botnet of IoT devices
Experts from the ESET firm have spotted a new threat in the wild dubbed Remaiten that targets embedded systems to recruit them in a botnet. ESET is actively monitoring malicious codes that target IoT systems such as routers, gateways ..
http://securityaffairs.co/wordpress/45820/iot/linux-remaiten-iot-botnet.html
Ransomware Petya - a technical review
On March 24, researchers at G DATA received a sample of a new type of ransomware which was dubbed 'Petya'. Unlike other types of ransomware, Petya prevents the operating system from starting by manipulating the MBR and installing its own ..
https://blog.gdatasoftware.com/2016/03/28226-ransomware-petya-a-technical-review