End-of-Shift report
Timeframe: Tuesday 31-05-2016 18:00 − Wednesday 01-06-2016 18:00
Handler: Alexander Riepl
Co-Handler: n/a
Tor Browser 6.0: Ditches SHA-1 Support, Uses DuckDuckGo For Default Search Results
The version 6.0 of Tor Browser, a free software for enabling anonymous communication, is now available to download. The new version introduces several changes, including disabling SHA-1 support, and removing ..
https://tech.slashdot.org/story/16/05/31/1643234/tor-browser-60-ditches-sha-1-support-uses-duckduckgo-for-default-search-results
Drupal SQLi (Drupalgeddon) Attack Trend CVE-2014-3704 / SA-CORE-2014-005
It has been over 19 months since Drupalgeddon, which refers to Drupal's Security Advisory (SA) SA-CORE-2014-005. For those unfamiliar with it, it ..
https://blog.sucuri.net/2016/05/drupal-sqli-drupalgeddon-attack-trend-cve-2014-3704-sa-core-2014-005.html
Finding Conditional Drupal Database Spam
Nobody likes spam. It's never fun (unless you're watching Monty Python). For us it comes with the territory; removing SEO spam has been at the core of what we deal with since our inception, giving us some pretty good ..
https://blog.sucuri.net/2016/05/finding-conditional-drupal-database-spam.html
Cluster of 'megabreaches' compromises a whopping 642 million passwords
MySpace, Tumblr, and Fling are the latest services to join discredited LinkedIn.
http://arstechnica.com/security/2016/05/cluster-of-megabreaches-compromise-a-whopping-642-million-passwords/
Moxa UC 7408-LX-Plus Firmware Overwrite Vulnerability
This advisory contains mitigation details for a firmware overwrite vulnerability in Moxa's UC 7408-LX-Plus device.
https://ics-cert.us-cert.gov/advisories/ICSA-16-152-01
ABB PCM600 Vulnerabilities
This advisory contains mitigation details for one use of password hash with insufficient computational effort and three insufficiently protected credentials vulnerabilities in ABB's PCM600.
https://ics-cert.us-cert.gov/advisories/ICSA-16-152-02
Unfalsifiability of security claims
There is an inherent asymmetry in computer security: things can be declared insecure by observation, but not the reverse. There is no observation that allows us to declare an arbitrary system or technique secure. We ..
http://research.microsoft.com/pubs/256133/unfalsifiabilityOfSecurityClaims.pdf
Flaw in ImageMagick and GraphicsMagick enables renewed attacks
Manipulated file names can cause malicious code to be executed via the operating system's popen() function. Patches are available.
http://heise.de/-3223811
Scrum.org hacked, may have lost crypto keys and some user data
Don't go dissing DevOps: a supplier has fessed up to a website vuln Scrum.org, the Scrum certification ..
www.theregister.co.uk/2016/06/01/scrumorg_hacked_may_have_lost_crypto_keys_and_some_user_data/
Serious security vulnerabilities in preinstalled laptop software
http://derstandard.at/2000038006783
Microsoft: Spam filter for Hotmail and Outlook broken
Company is working flat out on a fix; some users are said to be receiving an "extreme amount" of spam emails
http://derstandard.at/2000038023486
The impossible task of creating a 'Best VPNs' list today
Our writer set out to make a list of reliable VPNs; turns out the task is complicated.
http://arstechnica.com/security/2016/06/aiming-for-anonymity-ars-assesses-the-state-of-vpns-in-2016/
VB2015 paper: Economic Sanctions on Malware
Financial pressure can be a proactive and potentially very effective tool in making our computer ecosystems safer. By cleverly employing various trust metrics and technologies such as digital signing, watermarking, and ..
https://www.virusbulletin.com/blog/2016/06/economic-sanctions-malware/
DRIDEX Poses as Fake Certificate in Latest Spam Run
At a glance, it seems that DRIDEX has dwindled its activities or operation, appearing only for a few days this May. This is quite unusual given that in the past five months or so, this prevalent online banking threat ..
http://blog.trendmicro.com/trendlabs-security-intelligence/dridex-poses-as-fake-certificate/
Security: LG has to fix Android firmware
Two security vulnerabilities in LG's Android firmware enable a range of attacks, some of them remotely. Users should act quickly; the updates are available.
http://www.golem.de/news/security-lg-muss-android-firmware-reparieren-1606-121232.html
Baby food: Hipp's Mein Baby Club was hacked
Copied user data is always a nuisance, especially when the personal information of children is affected. The manufacturer Hipp has now informed its customers about a break-in into the Mein Baby Club's own server systems.
http://www.golem.de/news/kindernahrung-mein-baby-club-von-hipp-wurde-gehackt-1606-121236.html