End-of-Shift report
Timeframe: Wednesday 13-04-2016 18:00 − Thursday 14-04-2016 18:00
Handler: Alexander Riepl
Co-Handler: n/a
Cisco Unified Computing System Central Software Arbitrary Command Execution Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160413-ucs
JSA10733 - 2016-04 Security Bulletin: ScreenOS: Multiple Vulnerabilities in OpenSSL
http://kb.juniper.net/index/content&id=JSA10733&actp=RSS
JSA10747 - 2016-04 Security Bulletin: QFX Series: PFE panic while processing VXLAN packets (CVE-2016-1274)
http://kb.juniper.net/index/content&id=JSA10747&actp=RSS
JSA10735 - 2016-04 Security Bulletin: CTP Series: Multiple vulnerabilities in CTP Series
http://kb.juniper.net/index/content&id=JSA10735&actp=RSS
Cisco Catalyst Switches Network Mobility Services Protocol Port Information Disclosure Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160413-nms
Juniper bleeding data and money: slaps Band-Aids all over Junos OS and warns markets
Security fixes for privilege escalation, DoS, TLS spoofing and more. Juniper's code reviewers have been hard at work, and have shipped a bunch of security bug-fixes.
www.theregister.co.uk/2016/04/14/juniper_drops_a_bunch_of_junos_os_security_fixes/
Hackers hacking hackers to knacker white hat cracker trackers
These Russians speak really good Farsi and other signs thieves lack honour. ACSC2016: Malware writers are selling each other out to white hats and hacking through each other's infrastructure to frame rivals, Shadowserver's Richard Perlotto says.
www.theregister.co.uk/2016/04/14/there_is_no_honour_among_thieves/
Decryption tool available? Website identifies ransomware
Victims of encryption trojans can identify the malware on the ID Ransomware website and, among other things, retrieve information on whether free decryption is possible.
http://heise.de/-3173463
"The Bundestrojaner is state malware"
For IT expert Rene Pfeiffer, the state spyware is not a suitable means of ..
http://derstandard.at/2000034779830
Hacker brings "Flappy Bird" to the e-cigarette
Equipped with a small OLED screen - firmware made available for download
http://derstandard.at/2000034841151
Boost - Moderately Critical - Information Disclosure - SA-CONTRIB-2016-021
This module provides static page caching for Drupal enabling a very significant performance and scalability boost for sites that receive mostly anonymous traffic. The module doesn't prevent form cache from leaking between anonymous users which ..
https://www.drupal.org/node/2705765
Features - Less Critical - Denial of Service (DoS) - SA-CONTRIB-2016-020
This module enables you to organize and export configuration data. The module doesn't sufficiently protect the admin/structure/features/cleanup path with a token. If an attacker can trick an admin with the ..
https://www.drupal.org/node/2705637
Badlock: A Lateral Concern
Yesterday, what seems like the entire InfoSec industry was underwhelmed when Badlock was finally disclosed and, apparently, didn't live up to its billing. While we agree that the month-long buildup to the disclosure, and flashy logo were unnecessary, we'd like to explain why we think this vulnerability will end up providing malicious actors with a ..
https://labsblog.f-secure.com/2016/04/14/badlock-a-lateral-concern/
Snort Lab: Custom SCADA Protocol IDS Signatures
In this lab, you are going to learn how to create custom Snort signatures for the Modbus/TCP protocol. First, let's take some time to examine the Modbus TCP Target system. Start the Modbus TCP PLC Target VM. This target simulates ..
http://resources.infosecinstitute.com/snort-lab-custom-scada-protocol-ids-signatures/
East European Criminal Fastflux Infrastructure
Fast flux networks allow miscreants to make their network more resistant against takedowns. By updating and changing the A records of a domain rapidly, there is a constantly changing list of IPs hosting the domain involved, ..
https://blog.team-cymru.org/2016/04/east-european-criminal-fastflux-infrastructure/
USB: Digital signatures protect against malicious or poor-quality devices
USB devices with a Type-C connector are to identify themselves with cryptographic certificates in future, in order to prevent malware attacks and problems caused by incompatible power supplies.
http://heise.de/-3173701