End-of-Shift report
Timeframe: Montag 10-04-2017 18:00 − Dienstag 11-04-2017 18:00
Handler: Alexander Riepl
Co-Handler: n/a
Longhorn: Tools used by cyberespionage group linked to Vault 7
Spying tools and operational protocols detailed in the recent Vault 7 leak have been used in cyberattacks against at least 40 targets in 16 different countries by a group Symantec calls Longhorn. Symantec has been protecting its ..
https://www.symantec.com/connect/blogs/longhorn-tools-used-cyberespionage-group-linked-vault-7
Mirai Botnet Temporarily Adds Bitcoin Mining Component, Removes It After a Week
For around a week at the end of March, one of the many versions of the Mirai malware was spotted delivering a Bitcoin-mining module to its infected ..
https://www.bleepingcomputer.com/news/security/mirai-botnet-temporarily-adds-bitcoin-mining-component-removes-it-after-a-week/
Support-Ende erreicht: Tschüss, Vista
Am heutigen 11. April endet der Support für Windows Vista. Eine Träne wird deswegen wohl kaum jemand vergießen, dabei steckten viele tolle Neuerungen darin.
https://heise.de/-3675983
Understanding and Discovering Open Redirect Vulnerabilities
One of the most common and largely overlooked vulnerabilities by web developers is Open Redirect (also known as "Unvalidated Redirects and Forwards"). A website is vulnerable to ..
https://www.trustwave.com/Resources/SpiderLabs-Blog/Understanding-and-Discovering-Open-Redirect-Vulnerabilities/
Microsoft Word 0day used to push dangerous Dridex malware on millions
Blast could give a boost to Dridex, one of the Internets worst bank-fraud threats.
https://arstechnica.com/security/2017/04/microsoft-word-0day-used-to-push-dangerous-dridex-malware-on-millions/
Malware belauscht Sensoren und knackt Handysperre
Von Forschern geschriebener Schädling nutzt Browserleck und neuronales Netzwerk, um Sperrcode zu errechnen
http://derstandard.at/2000055738573
Breaking Signal: A Six-Month Journey
Researchers spent six months poking holes in Signal and urge a bigger spotlight on security testing.
http://threatpost.com/breaking-signal-a-six-month-journey/124888/
DSA-3828 dovecot - security update
It was discovered that the Dovecot email server is vulnerable to adenial of service attack. When the dict passdb and userdb are usedfor user authentication, the ..
https://www.debian.org/security/2017/dsa-3828
Security Bulletins posted
Adobe has published security bulletins for Adobe Campaign (APSB17-09), Adobe Flash Player (APSB17-10), Adobe Acrobat and Reader (APSB17-11), Adobe Photoshop (APSB17-12) and the Creative Cloud Desktop Application (APSB17-13). Adobe recommends users update their product installations to the ..
https://blogs.adobe.com/psirt/?p=1457
Nach Hacker-Festnahme: FBI will Kelihos-Botnetz endgültig stilllegen
Schon kurz nachdem der mutmaßlich verantwortliche Cyberkriminelle in Spanien festgenommen wurde, haben US-Behörden offenbar mehrere Maßnahmen eingeleitet, um das Botnetz Kelihos ein für alle mal außer Gefecht zu setzen.
https://heise.de/-3682746