Tageszusammenfassung - Freitag 3-06-2016

End-of-Shift report

Timeframe: Donnerstag 02-06-2016 18:00 − Freitag 03-06-2016 18:00 Handler: Alexander Riepl Co-Handler: n/a

Trillium Exploit Kit Update Offers 'Security Tips'

McAfee Labs has previously blogged about the Trillium Exploit Kit Version 3.0, which is commonly used to create and distribute malware. Last week, Version 4.0 appeared on several underground forums. We have analyzed the new version of the tool ..

https://blogs.mcafee.com/mcafee-labs/trillium-exploit-kit-update-offers-security-tips/

---

DSA-3593 libxml2 - security update

Several vulnerabilities were discovered in libxml2, a library providingsupport to read, modify and write XML and HTML files. A remote attackercould provide a specially crafted XML or HTML file that, when processedby an ..

https://www.debian.org/security/2016/dsa-3593

---

GE MultiLink Series Hard-coded Credential Vulnerability

This advisory contains mitigation details for a hard-coded credential vulnerability in GE's MultiLink series managed switches.

https://ics-cert.us-cert.gov/advisories/ICSA-16-154-01

---

WP Mobile Detector <= 3.5 - Arbitrary File Upload

https://wpvulndb.com/vulnerabilities/8505

---

Understanding Angler Exploit Kit - Part 1: Exploit Kit Fundamentals

Generally speaking, criminal groups use two methods for widespread distribution of malware. The most common method is malicious spam (malspam). This is a fairly direct mechanism, usually through an email attachment or ..

http://researchcenter.paloaltonetworks.com/2016/06/unit42-understanding-angler-exploit-kit-part-1-exploit-kit-fundamentals/

---

MySQL is YourSQL

Its The End of the World and We Know It If you listen to the press - those purveyors of doom, those nattering nabobs of negativism - you arrive at a single, undeniable conclusion: The worldis going to hell in a hand-basket. They ..

https://isc.sans.edu/diary.html?storyid=21117

---

Nach Kontroversen: Teamviewer führte neue Accountsicherungen ein

Wenige Tage nach zahlreichen Nutzerbeschwerden über gehackte Accounts reagiert Teamviewer mit einem vorgezogenen Sicherheitsupdate. Wir haben mit dem Unternehmen darüber gesprochen.

http://www.golem.de/news/nach-kontroversen-teamviewer-fuehrte-neue-accountsicherungen-ein-1606-121294.html