End-of-Shift report
Timeframe: Dienstag 31-01-2017 18:00 − Mittwoch 01-02-2017 18:00
Handler: Alexander Riepl
Co-Handler: n/a
BINOM3 Electric Power Quality Meter
This advisory contains mitigation details for vulnerabilities in BINOM3s electric power quality meter.
https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01
Ecava IntegraXor
This advisory contains mitigation details for an SQL injection vulnerability in the Ecava IntegraXor web server.
https://ics-cert.us-cert.gov/advisories/ICSA-17-031-02
"Ändere-dein-Passwort-Tag": Pro und Contra Passwortwechsel
Ist es sinnvoll, sein Passwort regelmäßig und vorsichtshalber zu ändern? Was in einigen Firmen verpflichtent ist, ist in Security-Kreisen umstritten. Unter Umständen kann das sogar kontraproduktiv sein.
https://heise.de/-3613327
Cerber tops Windows 10 ransomware charts
Crims aimed for a Christmas Number One and scored Net scum behind the Cerber ransomware have been pounding enterprises infecting more corporate machines than any other, according to Microsoft.…
www.theregister.co.uk/2017/02/01/cerber_windows_10/
We need to talk about Granny: Shes way more likely to fall for phishing
If you want to catch as many people as you can, go for the old legal razzle dazzle Usenix Enigma 2017 Research has shown that older people – particularly older ..
www.theregister.co.uk/2017/02/01/why_old_women_biggest_phishing_victims/
Quick Analysis of Data Left Available by Attackers, (Wed, Feb 1st)
While hunting for interesting cases, I found the following phishing email mimicking an UPS delivery notification: When you click on the link, you are redirected to the ..
https://isc.sans.edu/diary.html?storyid=22015
Popular PlayStation and Xbox Gaming Forums Hacked; 2.5 Million Users Data Leaked
Do you own an account on one of the two hugely popular PlayStation and Xbox gaming forums? Your details may have been exposed, as it has been revealed that the two ..
http://thehackernews.com/2017/01/gaming-forum-hacking.html
Nächstes Hacker-Ziel: Ihr Hirn
Neue Gehirn-Computer-Schnittstellen bringen die Gefahr von Hirn-Malware mit sich. Was wie eine Postillon-Schlagzeile klingt, beschäftigt ernsthafte Sicherheitsforscher.
https://heise.de/-3613672
Hacker Phineas Fisher dementiert, verhaftet worden zu sein
Katalanische Behörden hatten nach Hausdurchsuchungen mehrere Personen festgenommen
http://derstandard.at/2000051907276
Insiderhandel: Mitarbeiter verkaufen Firmengeheimnisse im Darknet
Auf illegalen Online-Marktplätzen werden derzeit offenbar gezielt Insider angeworben, um mit deren Informationen kriminelle Geschäfte zu ermöglichen. Die Bandbreite ..
http://www.golem.de/news/insiderhandel-mitarbeiter-verkaufen-firmengeheimnisse-im-darknet-1702-125924.html
Hacker One: Die Sicherheitslücken der US-Armee
Sicherheitsforscher hatten einen Monat Zeit, um die US-Armee zu hacken. 118 Sicherheitslücken wurden gefunden und beseitigt. Eine davon ermöglichte den Zugriff auf ein ..
http://www.golem.de/news/hacker-one-die-sicherheitsluecken-der-us-armee-1702-125935.html
Cisco Prime Home Authentication Bypass Vulnerability
A vulnerability in the web-based GUI of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication and execute actions with administrator ..
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-prime-home
Disclosure of Additional Security Fix in WordPress 4.7.2
WordPress 4.7.2 was released last Thursday, January 26th. If you have not already updated, please do so immediately. In addition to the three security vulnerabilities mentioned in the original release post, WordPress 4.7 and 4.7.1 had one additional ..
https://make.wordpress.org/core/2017/02/01/disclosure-of-additional-security-fix-in-wordpress-4-7-2/