Daily Summary - Wednesday 18-01-2017

End-of-Shift report

Timeframe: Tuesday 17-01-2017 18:00 − Wednesday 18-01-2017 18:00
Handler: Alexander Riepl
Co-Handler: n/a

Critical Patch Update - January 2017

http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html


vBulletin Malware – When Hackers Compete for Backdoor Control

A common pattern we see in compromised websites is the presence of backdoors and other malicious code. During Q3 of 2016, we found that 72% of all compromises that we encountered had ..

https://blog.sucuri.net/2017/01/vbulletin-malware-hackers-compete-backdoor-control.html


JSA10774 - 2017-01 Security Bulletin: Network and Security Manager (NSM): Multiple OpenSSH and other third party software vulnerabilities affect NSM Appliance OS.

http://kb.juniper.net/index/content&id=JSA10774&actp=RSS


Kill it with fire: US-CERT warns admins to dump Server Message Block

Shadow Brokers may have loosed a zero-day, so you're better safe than sorry. The US computer emergency readiness team ..

www.theregister.co.uk/2017/01/18/uscert_warns_admins_to_kill_smb_after_shadow_brokers_dump/

Do web injections exist for Android?

Man-in-the-Browser (MITB) attacks can be implemented using various means, including malicious DLLs, rogue ..

http://securelist.com/blog/research/77118/do-web-injections-exist-for-android/


In Review: 2016’s Mobile Threat Landscape Brings Diversity, Scale, and Scope

65 million: the number of times we’ve blocked mobile threats in 2016. By December 2016, the total number of unique samples of malicious Android apps we’ve collected and ..

http://blog.trendmicro.com/trendlabs-security-intelligence/2016-mobile-threat-landscape/


Last call to replace SHA-1 certificates

http://blog.sec-consult.com/2017/01/last-call-to-replace-sha-1-certificates.html


The Carbanak gang is with a new modus operandi, Google services as C&C

The infamous Carbanak cybercrime gang is back and is leveraging Google services for command-and-control of its malicious codes. The dreaded Carbanak cybercrime gang is back ..

http://securityaffairs.co/wordpress/55427/cyber-crime/carbanak-google-services.html


Spora Ransomware Offers Victims Unique Payment Options

Researchers are keeping close tabs on a new ransomware strain called Spora that offers victims unique payment options.

http://threatpost.com/spora-ransomware-offers-victims-unique-payment-options/123130/


Critical Vulnerabilities in Java & Co: Oracle Drops Giant Patch Package

Oracle's latest Critical Patch Update includes, among other things, security updates for Java, MySQL and VirtualBox. As always, there are patches for almost all of the vendor's products.

https://heise.de/-3601613


Ancient Mac backdoor discovered that targets medical research firms

More secure than PC? Ha! Security researchers at Malwarebytes have discovered a Mac backdoor using antiquated code that targets biomedical research facilities.…

www.theregister.co.uk/2017/01/18/mac_malware/

Uncovering the Inner Workings of EyePyramid

Two Italians referred to as the “Occhionero brothers” have been arrested and accused of using malware and a carefully-prepared spear-phishing scheme to spy on high-profile ..

http://blog.trendmicro.com/trendlabs-security-intelligence/uncovering-inner-workings-eyepyramid