Daily Summary - Thursday 19-01-2017

End-of-Shift report

Timeframe: Wednesday 18-01-2017 18:00 − Thursday 19-01-2017 18:00 Handler: Alexander Riepl Co-Handler: n/a

Who is Anna-Senpai, the Mirai Worm Author?

On September 22, 2016, this site was forced offline for nearly four days after it was hit with “Mirai,” a malware strain that enslaves poorly secured Internet of Things (IoT) devices like wireless routers and security cameras into a botnet for use in large cyberattacks. Roughly a week after that ..

https://krebsonsecurity.com/2017/01/who-is-anna-senpai-the-mirai-worm-author/


Docker Patches Container Escape Vulnerability

Docker has patched a privilege escalation vulnerability that could lead to container escapes, allowing a hacker to affect operations of a host from inside a container.

http://threatpost.com/docker-patches-container-escape-vulnerability/123161/


Database Ransom Attacks Hit CouchDB and Hadoop Servers

For the past week, unknown groups of cyber-criminals have taken control of and wiped data from CouchDB and Hadoop databases, in some cases asking for a ransom fee to return the ..

https://www.bleepingcomputer.com/news/security/database-ransom-attacks-hit-couchdb-and-hadoop-servers/


Adobe's naughty Chrome telemetry code had XSS problem

Since patched, but a bad look for Adobe when it can't even get snoopware right Adobe's pushed out a fix for its already-controversial Chrome telemetry extension after Project Zero's Tavis Ormandy found an ..

www.theregister.co.uk/2017/01/19/adobe_telemetry_patch_patched_against_xss/

Insecure Hadoop installs next in net scum crosshairs

Because MongoDB, Elasticsearch ransomware attacks are sooo last week Rinse-and-repeat ransomware attacks on data services left unsecured by dozy sysadmins are now hitting Hadoop instances.

www.theregister.co.uk/2017/01/19/insecure_hadoop_installs_under_attack/

Ex-sysadmin demands 200,000 dollars for revealing password

US college accuses former employee of extortion

http://derstandard.at/2000050946919


Apple’s malware problem is accelerating

For a long time, one of the most common reasons for buying an Apple computer over a Windows-based one was that the former was less susceptible to viruses and other malware. However, the ..

https://www.helpnetsecurity.com/2017/01/19/apple-malware-problem-accelerating/


Viruses, spam and computer outages affect IT security at SMEs

Lack of knowledge and fear of costs are the main reasons why the situation is not being improved

http://derstandard.at/2000051117771


DSA-3766 mapserver - security update

It was discovered that mapserver, a CGI-based framework for Internet map services, was vulnerable to a stack-based overflow. This issue allowed a remote user to crash the service, or potentially execute arbitrary code.

https://www.debian.org/security/2017/dsa-3766


Google releases huge patch package for Android

94 individual vulnerabilities, 10 critical security issues; Google's Android Security Bulletin for January packs a punch.

https://heise.de/-3603108


Forcepoint: Carbanak uses Google services for malware hosting

Anyone who hosts their malware on a command-and-control server runs the risk of being detected by firewall rules. The Carbanak group therefore delivers commands via Google Docs.

http://www.golem.de/news/forcepoint-carbanak-nutzt-google-dienste-fuer-malware-hosting-1701-125693.html


Hacking allegations: "Germany is portraying Russia as an aggressor"

Russian Foreign Ministry complains about German approach: "No evidence presented"

http://derstandard.at/2000051188487


Samsung SmartCam cameras are fair game for botnet operators

Researchers discovered vulnerabilities in the SmartCam SNH-1011 years ago that Samsung patched only inadequately. Now the IP cameras are vulnerable again.

https://heise.de/-3603201