End-of-Shift report
Timeframe: Monday 13-02-2017 18:00 − Tuesday 14-02-2017 18:00
Handler: Alexander Riepl
Co-Handler: n/a
Shirebrook man arrested in connection to Sports Direct breach
A 27-year-old man has been arrested in connection with the hack of Sports ..
www.theregister.co.uk/2017/02/13/sports_direct_arrest/
A look into the Russian-speaking ransomware ecosystem
In other words, crypto ransomware is a fine-tuned, user-friendly and constantly developing ecosystem. In the last few years we, at Kaspersky Lab, have been monitoring the development of this ecosystem. This is what we’ve learned.
http://securelist.com/analysis/publications/77544/a-look-into-the-russian-speaking-ransomware-ecosystem/
Top phishing targets in 2016? Google, Yahoo, and Apple
For every new phishing URL impersonating a financial institution, there were more than seven impersonating technology companies. Comparison of most impersonated companies ..
https://www.helpnetsecurity.com/2017/02/14/top-phishing-targets/
Metadata: The secret data trail
Every phone call, text message, even activated cell phones, leaves a trail of data across a network. In many cases this data is aggregated with other data and metadata including ..
https://www.helpnetsecurity.com/2017/02/14/metadata-secret-data-trail/
Worried about hacks, senators want info on Trump’s personal phone
Two senators have written to the U.S. Department of Defense about reports that President Donald Trump may still be using an old unsecured Android phone, including to communicate ..
http://www.cio.com/article/3169577/security/worried-about-hacks-senators-want-info-on-trumps-personal-phone.html
25% of web apps still vulnerable to eight of the OWASP Top Ten
69 percent of web applications are plagued by vulnerabilities that could lead to sensitive data exposure, and 55 percent by cross-site request forgery flaws, the results ..
https://www.helpnetsecurity.com/2017/02/14/web-application-vulnerabilities/
Security vulnerability in GarageBand for the Mac
Apple has fixed a potentially problematic bug in its popular audio application. Attackers could apparently have executed code.
https://heise.de/-3624160
University DDoSed by Its Own IoT Devices
An unnamed university has suffered a DDoS attack at the hand of its own IoT devices, according to a sneak preview of Verizon's upcoming yearly data breach report.
https://www.bleepingcomputer.com/news/security/university-ddosed-by-its-own-iot-devices/
DSA-3788 tomcat8 - security update
It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop.
https://www.debian.org/security/2017/dsa-3788
DSA-3787 tomcat7 - security update
It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop.
https://www.debian.org/security/2017/dsa-3787
DSA-3786 vim - security update
Editor spell files passed to the vim (Vi IMproved) editor may result in an integer overflow in memory allocation and a resulting buffer overflow which potentially could result in the execution of arbitrary code or denial of service.
https://www.debian.org/security/2017/dsa-3786
Patch now! Attacks on WordPress sites are increasing and becoming more dangerous
After defacing vulnerable WordPress websites, attackers are now trying to execute malicious code, security researchers warn.
https://heise.de/-3624301
Staying safe online on Valentine’s Day
We give some advice on how to steer clear of scams and other bad things on Valentine's Day. Everything from ..
https://blog.malwarebytes.com/cybercrime/2017/02/staying-safe-online-on-valentines-day/
Chrome: Google pays 20 million US dollars for anti-malware patents
Even for Google, 20 million dollars is no small amount of money. A US court ordered the company to pay this sum over patents on protection against malware in the ..
https://www.golem.de/news/chrome-google-zahlt-20-millionen-us-dollar-fuer-anti-malware-patente-1702-126161.html
Tracking the Decline of Top Exploit Kits
The latter half of 2016 saw a major shift in the exploit kit landscape, with many established kits suddenly dropping operations or switching business models. Angler, which has ..
http://blog.trendmicro.com/trendlabs-security-intelligence/tracking-decline-top-exploit-kits
Fake Post.at shipment tracking in circulation
Criminals are using a fake Post.at shipment tracking notice to plant malware on other people's computers. To do so, they ask recipients to .. information ..
https://www.watchlist-internet.at/schadsoftware/gefaelschte-postat-sendungsverfolgung-im-umlauf/
Security Bulletins posted for Flash Player, Digital Editions and Adobe Campaign
Adobe has published security bulletins for Adobe Flash Player (APSB17-04), Adobe Digital Editions (APSB17-05) and Adobe Campaign (APSB17-06). Adobe recommends users update their ..
https://blogs.adobe.com/psirt/?p=1444
Nation States Distancing Themselves from APTs
Increasingly, governments are outsourcing state-sponsored attacks to mitigate risk and maximize intelligence.
http://threatpost.com/nation-states-distancing-themselves-from-apts/123711/
February 2017 security update release
Our top priority is to provide the best possible experience for customers in maintaining and protecting their ..
https://blogs.technet.microsoft.com/msrc/2017/02/14/february-2017-security-update-release/