End-of-Shift report
Timeframe: Thursday 14-04-2016 18:00 − Friday 15-04-2016 18:00
Handler: Alexander Riepl
Co-Handler: n/a
Cisco Unified Computing System Platform Emulator Command Injection Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160414-ucspe1
Cisco Unified Computing System Platform Emulator Filename Argument Handling Buffer Overflow Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160414-ucspe2
Purported Flash update installs unwanted Mac programs
Once again, an installer disguised as a Flash update is in circulation, installing unwanted OS X programs. A developer certificate keeps the Gatekeeper protection feature quiet.
http://heise.de/-3174793
Bedep has raised its game vs Bot Zombies
http://malware.dontneedcoffee.com/2016/04/bedepantiVM.html
Xen hugetlbfs Support Lets Local Users on a Guest System Cause Denial of Service Conditions on the Guest System
http://www.securitytracker.com/id/1035569
Banking Trojans Nymaim, Gozi Merge to Steal $4M
'Double-headed beast' Trojan, GozNym, drains $4 million from banks in past two weeks.
http://threatpost.com/banking-trojans-nymaim-gozi-merge-to-steal-4m/117412/
Ransomware authors use the bitcoin blockchain to deliver encryption keys
Ransomware authors are using the bitcoin blockchain, which serves as the cryptocurrency's public transaction ledger, to deliver decryption keys to victims. The technique, which removes the burden of maintaining a reliable website-based ..
http://www.cio.com/article/3056604/ransomware-authors-use-the-bitcoin-blockchain-to-deliver-encryption-keys.html
VMSA-2016-0004
VMware product updates address a critical security issue in the VMware Client Integration Plugin
http://www.vmware.com/security/advisories/VMSA-2016-0004.html
HTTP Public Key Pinning: How to do it right, (Thu, Apr 14th)
[Thanks to Felix aka @nexusnode for inspiring this post. Also, see his blog post [1] for more details] One of the underutilized security measures I mentioned recently was HTTP Public Key Pinning, or HPKP. First again, what is HPKP: HPKP adds a special header to the HTTP response. This header lists hashes ..
https://isc.sans.edu/diary.html?storyid=20943
Researchers Crack Microsoft and Google's Shortened URLs to Spy on People
They were even able to identify a young woman who'd sought Google Maps directions to a Planned Parenthood clinic.
http://www.wired.com/2016/04/researchers-cracked-microsoft-googles-shortened-urls-spy-people/
Russia sends exploit kit author to the GULAG for seven years
♫ Mothers, don't let your babies grow up to be hackers ♫ The author of the infamous "Blackhole" exploit kit has been sentenced to seven years in a Russian penal colony, local media report.
www.theregister.co.uk/2016/04/15/blackhole_paunch_sentence/
OGH: Business owner himself to blame in "phishing" attack on account
http://derstandard.at/2000034923248-406
AJAX Random Post <= 2.00 - Unauthenticated Reflected Cross-Site Scripting (XSS)
https://wpvulndb.com/vulnerabilities/8450
HDW WordPress Video Gallery <= 1.2 - Unauthenticated Reflected Cross-Site Scripting (XSS)
https://wpvulndb.com/vulnerabilities/8449
Blackberry: Canadian police have held the central key since 2010
It was used to read millions of BBM messages over the years
http://derstandard.at/2000034940341
Sierra Wireless ACEmanager Information Exposure Vulnerability
This advisory contains mitigation details for an exposure of sensitive information vulnerability in the Sierra Wireless ACEmanager application.
https://ics-cert.us-cert.gov/advisories/ICSA-16-105-01
Accuenergy Acuvim II Series AXM-NET Module Vulnerabilities
This advisory contains mitigation details for authentication bypass vulnerabilities in Accuenergy's Acuvim II Series AXM-NET module.
https://ics-cert.us-cert.gov/advisories/ICSA-16-105-02
Uninstall QuickTime on Windows - NOW!
Because two critical vulnerabilities are open in QuickTime for Windows and Apple no longer supports the application, ..
http://heise.de/-3175518