Daily summary - Monday 18-04-2016

End-of-Shift report

Timeframe: Friday 15-04-2016 18:00 − Monday 18-04-2016 18:00 Handler: Alexander Riepl Co-Handler: n/a

Bugtraq: [SECURITY] [DSA 3550-1] openssh security update

http://www.securityfocus.com/archive/1/538099


Out-of-date apps put 3 million servers at risk of crypto ransomware infections

1,600 schools, governments, and aviation companies already backdoored.

http://arstechnica.com/security/2016/04/3-million-servers-are-sitting-ducks-for-crypto-ransomware-infection/


Chrome extensions will soon have to tell you what data they collect

Google is about to make it harder for Chrome extensions to collect your browsing data without letting you know about it, according to a new policy announced Friday. Starting in mid-July, developers releasing Chrome extensions ..

http://www.cio.com/article/3057259/chrome-extensions-will-soon-have-to-tell-you-what-data-they-collect.html


How to Write Phishing Templates That Work

Phish Me Once Phishing isn't hard. Despite all the frightening news reports about ransomware and millions of stolen dollars and identities, people still happily click ..

http://resources.infosecinstitute.com/how-to-write-phishing-templates-that-work/


ZDI-16-244: Hewlett Packard Enterprise Vertica validateAdminConfig Remote Command Injection Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Vertica. Authentication is not required to exploit this vulnerability.

www.zerodayinitiative.com/advisories/ZDI-16-244/


ZDI-16-243: Google Chrome Pdfium JPEG2000 Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows an attacker to leak sensitive information on vulnerable installations of Google Chrome. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

http://www.zerodayinitiative.com/advisories/ZDI-16-243/


Splunk Enterprise Multiple Flaws Let Remote Users Bypass Security and Deny Service and Remote Authenticated Users Execute Arbitrary Code

http://www.securitytracker.com/id/1035578


'Blackhole' Exploit Kit Author Gets 7 Years

A Moscow court this week convicted and sentenced seven hackers for breaking into countless online bank accounts -- including "Paunch," the nickname used by the author of the infamous "Blackhole" exploit kit. Once an extremely ..

http://krebsonsecurity.com/2016/04/blackhole-exploit-kit-author-gets-8-years/


DSA-3551 fuseiso - security update

It was discovered that fuseiso, a user-space implementation of the ISO 9660 file system based on FUSE, contains several vulnerabilities.

https://www.debian.org/security/2016/dsa-3551


leenk.me <= 2.5.0 - XSS and CSRF

https://wpvulndb.com/vulnerabilities/8457


DSA-3552 tomcat7 - security update

Multiple security vulnerabilities have been discovered in the Tomcat servlet and JSP engine, which may result in information disclosure, the bypass of CSRF protections and bypass of the SecurityManager.

https://www.debian.org/security/2016/dsa-3552


FAQ WD <= 1.0.14 - Cross-Site Scripting (XSS)

https://wpvulndb.com/vulnerabilities/8455


e-search <= 1.0 - Unauthenticated Reflected Cross-Site Scripting (XSS)

https://wpvulndb.com/vulnerabilities/8458


Hacking Team hacker explains how he did it

Some nine months ago, a hacker that calls himself Phineas Fisher managed to breach the systems and networks of Hacking Team, the (in)famous Italian company that provides offensive intrusion and surveillance software to ..

https://www.helpnetsecurity.com/2016/04/18/hacking-team-hacker-explains/


Eavesdropping protection: Web.de additionally secures mail transport with DANE

The step is significant because Web.de is not only one of the major German freemail services, but also because its parent company United Internet belongs to the "E-Mail made in Germany" initiative, which has admittedly gone quiet of late.

http://heise.de/-3175333


Remote code execution, git, and OS X

Sometimes I think about all of those pictures which show a bunch of people in startups. They have their office space, which might be big, or it might be small, but they tend to have Macs. Lots of Macs. A lot of them also use git to ..

https://rachelbythebay.com/w/2016/04/17/unprotected/


Oracle Critical Patch Update Pre-Release Announcement - April 2016

This Critical Patch Update Pre-Release Announcement provides advance information about the Oracle Critical Patch Update for April 2016, which will be released on Tuesday, April 19, 2016. While this Pre-Release Announcement is as accurate ..

http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html


Idiot millennials are saving credit card PINs on their mobile phones

Cleartext passwords are bad, kids, mmmkay? More than one in five 18-24 year olds (21 per cent) store PINs for credit or debit cards on their smartphones, tablets or laptops, according to research conducted by Equifax in conjunction with Gorkana.

www.theregister.co.uk/2016/04/18/storing_passwords_smartphone_bad_mkay/


Implementation of a Virtual IDS Device in Passive Mode

The arrival of server, desktop and network virtualization has brought along enormous flexibility in configuration options and a huge drop in installation and operating costs of IT networks. Due ..

http://resources.infosecinstitute.com/implementation-of-a-virtual-ids-device-in-passive-mode/


Academic network Janet clobbered with DDoS attacks - again

Funny how it always gets targeted at the end of term... Blighty's government-funded educational network Janet has once again been hit by a cyber attack, with a fresh ..

www.theregister.co.uk/2016/04/18/janet_clobbered_with_ddos_attacks_again/


Upper Austrian company falls for internet fraudsters when buying tractors

40,000 euros in losses - website of English vendor "faked"

http://derstandard.at/2000035121122