Daily Summary - 01.02.2018

End-of-Day report

Timeframe: Wednesday 31-01-2018 18:00 − Thursday 01-02-2018 18:00
Handler: Alexander Riepl
Co-Handler: n/a


∗∗∗ DDG: A Mining Botnet Aiming at Database Servers ∗∗∗
Starting 2017-10-25, we noticed there was a large scale ongoing scan targeting the OrientDB databases. Further analysis found that this is a long-running botnet whose main ..

http://blog.netlab.360.com/ddg-a-mining-botnet-aiming-at-database-server-en/

∗∗∗ Adaptive Phishing Kit ∗∗∗
Phishing kits are everywhere! If your server is compromised today, there are chances that it will be used to mine cryptocurrency, to deliver malware payloads or to host a phishing kit. Phishing remains a common attack scenario to collect valid credentials and impersonate the user account or, in larger attacks, it is one of the first steps to ..

https://isc.sans.edu/diary/rss/23299

∗∗∗ Internet of Dildos – a long way to a vibrant future ∗∗∗
Vulnerabilities in sex toys are very interesting not only from a technical perspective but, above all, from a data protection perspective. Several "smart sex" toys of the Vibratissimo brand and the associated cloud platform were affected by serious vulnerabilities.

https://www.sec-consult.com/blog/2018/02/internet-of-dildos-a-long-way-to-a-vibrant-future/index.html

∗∗∗ Meltdown/Specter-based Malware Coming Soon to Devices Near You, Are You Ready? ∗∗∗
It has been a few weeks since the details of the Spectre and Meltdown processor vulnerabilities came out in public and researchers have discovered more than 130 malware samples trying to exploit these chip flaws. Spectre and Meltdown are security ..

https://thehackernews.com/2018/02/meltdown-spectre-malware-hacking.html

∗∗∗ Malicious Chrome Extensions Found in Chrome Web Store, Form Droidclub Botnet ∗∗∗
The Trend Micro Cyber Safety Solutions team has discovered a new botnet delivered via Chrome extensions that affects more than half a million users. (The malicious extension is detected as BREX_DCBOT.A.) This botnet was used to inject ads and cryptocurrency mining code into websites the victim would visit. We have dubbed this particular ..

https://blog.trendmicro.com/trendlabs-security-intelligence/malicious-chrome-extensions-found-chrome-web-store-form-droidclub-botnet/

∗∗∗ "Change Your Password" Day: Just Don't Bother! ∗∗∗
February 1 is "Change Your Password" Day. But does it really make sense to change passwords regularly? And how do you choose good passwords that withstand hacker attacks in the first place?

https://www.heise.de/meldung/Aendere-dein-Passwort-Tag-Lass-es-doch-einfach-bleiben-3956127.html

∗∗∗ Ransom Where? Malicious Cryptocurrency Miners Takeover, Generating Millions ∗∗∗
The threat landscape is constantly changing; over the last few years malware threat vectors, methods and payloads have rapidly evolved. Recently, as cryptocurrency values have exploded, mining ..

http://blog.talosintelligence.com/2018/01/malicious-xmr-mining.html

∗∗∗ Chrome’s Plan to Distrust Symantec Certificates ∗∗∗
Posted by Devon O’Brien, Ryan Sleevi, Andrew Whalley, Chrome Security. This post is a broader announcement of plans already finalized on the blink-dev mailing list. Update, 1/31/18: Post was updated to further clarify 13 month validity limitations. At the end of July, the Chrome team and the PKI community converged upon a plan to reduce, and ..



∗∗∗ DSA-4103 chromium-browser - security update ∗∗∗

https://www.debian.org/security/2018/dsa-4103

∗∗∗ Multiple critical vulnerabilities in Whole Vibratissimo Smart Sex Toy product range ∗∗∗
