End-of-Shift report
Timeframe: Tuesday 14-06-2016 18:00 − Wednesday 15-06-2016 18:00
Handler: Alexander Riepl
Co-Handler: n/a
Security Advisory posted for Adobe Flash Player (APSA16-03)
A Security Advisory (APSA16-03) has been published regarding a critical vulnerability (CVE-2016-4171) in Adobe Flash Player. Adobe is aware of a report that an exploit for CVE-2016-4171 exists in the wild, and is being used in limited, ..
https://blogs.adobe.com/psirt/?p=1367
Security Bulletins Posted
Adobe has published security bulletins for the Adobe DNG SDK (APSB16-19), Adobe Brackets (APSB16-20), Adobe Creative Cloud Desktop Application (APSB16-21) and ColdFusion (APSB16-22). Adobe recommends users update their product installations to the latest versions using the instructions referenced in the relevant ..
https://blogs.adobe.com/psirt/?p=1361
MS16-JUN - Microsoft Security Bulletin Summary for June 2016 - Version: 1.0
https://technet.microsoft.com/en-us/library/security/MS16-JUN
DSA-3602 php5 - security update
Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development.
https://www.debian.org/security/2016/dsa-3602
Where's the Macro? Malware authors are now using OLE embedding to deliver malicious files
Recently, we've seen reports of malicious files that misuse the legitimate Office object linking and embedding (OLE) capability to trick users into enabling and downloading malicious content. Previously, we've seen macros used ..
https://blogs.technet.microsoft.com/mmpc/2016/06/14/wheres-the-macro-malware-author-are-now-using-ole-embedding-to-deliver-malicious-files/
Mofang: A politically motivated information stealing adversary
Mofang is a threat actor that almost certainly operates out of China and is probably government-affiliated. It is highly likely that Mofang's targets are selected based on involvement with ..
https://blog.fox-it.com/2016/06/15/mofang-a-politically-motivated-information-stealing-adversary/
Safari 10 blocks Flash by default
Starting this fall, Apple's browser will by default pretend to websites that plug-ins such as Flash, Silverlight or Java are not installed at all. The step is intended to save power and improve security.
http://heise.de/-3238170
VMSA-2016-0009
http://www.vmware.com/security/advisories/VMSA-2016-0009.html
VMSA-2016-0005.4
http://www.vmware.com/security/advisories/VMSA-2016-0005.html
VMSA-2015-0009.3
http://www.vmware.com/security/advisories/VMSA-2015-0009.html
VMSA-2015-0007.6
http://www.vmware.com/security/advisories/VMSA-2015-0007.html
iOS apps must use HTTPS from 2017
Apple has announced that it will require HTTPS connections for iOS apps starting January 1, 2017. Data is to be transmitted only in encrypted form.
http://futurezone.at/apps/ios-apps-muessen-ab-2017-https-verwenden/204.603.462
Russian spies hack computers of US Democrats
http://derstandard.at/2000038962384-406
Adobe Patch Day leaves critical Flash vulnerability unpatched
Adobe closes vulnerabilities in ColdFusion, the Creative Cloud, the DNG Development Kit and its text editor Brackets. Only a critical Flash vulnerability remains unpatched for the time being.
http://heise.de/-3238271
DSA-3603 libav - security update
Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library. A full ..
https://www.debian.org/security/2016/dsa-3603
Cross-Site Scripting in extension "Bootstrap Package" (bootstrap_package)
https://typo3.org/news/article/cross-site-scripting-in-extension-formhandler-formhandler-2/
Microsoft Patch Day: ancient vulnerability from the Windows 95 era closed
Microsoft has released 16 security updates this month. Five of them are critical, and an important vulnerability named "BadTunnel" affects all Windows versions since Windows 95.
http://heise.de/-3238328
xDedic - the shady world of hacked servers for sale
Over the last two years, deep in the slums of the Internet, a different kind of underground market has flourished. The short, cryptic name perhaps doesn't say much about it: xDedic. However, on this obscure marketplace anyone can purchase more than 70,000 hacked servers from all around the Internet.
http://securelist.com/blog/research/75027/xdedic-the-shady-world-of-hacked-servers-for-sale/
Programming language: Microsoft researches a safer C extension
A few modifications to the syntax, compiler and runtime environment are intended to protect C programs from the language's typical errors. Microsoft is researching this technique together with universities in an open-source project.
http://www.golem.de/news/programmiersprache-microsoft-forscht-an-sicherer-c-erweiterung-1606-121531.html
Next Steps for Legacy Plug-ins
The web platform is capable of amazing things. Thanks to the ongoing hard work of standards bodies, browser vendors, and web developers, web standards are feature-rich and continuously improving. The WebKit project in particular ..
https://webkit.org/blog/6589/next-steps-for-legacy-plug-ins/
Forum operator hacked: 45 million users affected
Cybercriminals have stolen 45 million records from VerticalScope. The Canadian company hosts more than 1,100 websites and online forums.
http://futurezone.at/digital-life/forenbetreiber-gehackt-45-millionen-nutzer-betroffen/204.703.493
TalkTalk customers are being attacked via TeamViewer access
As if it were not enough that TalkTalk customers' data is on the net: now they are also falling victim to crooks. These are trying to, ..
http://heise.de/-3238766