Tageszusammenfassung - Mittwoch 21-08-2013

End-of-Shift report

Timeframe: Dienstag 20-08-2013 18:00 − Mittwoch 21-08-2013 18:00 Handler: Stephan Richter Co-Handler: n/a

Hacker greift offenbar Zugangsdaten für Twitter ab

Ein Hacker hat sich offenbar Zugang zu Anmeldedaten des Kurznachrichtendienstes Twitter verschafft. Der Angreifer, der sich Mauritania Hacker nennt, hat am Dienstag angebliche Detailinformationen zu mehr als 15.000 Twitter-Accounts veröffentlicht.

http://www.heise.de/security/meldung/Hacker-greift-offenbar-Zugangsdaten-fuer-Twitter-ab-1939338.html


Poison Ivy: Assessing Damage and Extracting Intelligence

Today, our research team is publishing a report on the Poison Ivy family of remote access tools (RATs) along with a package of tools created...

http://www.fireeye.com/blog/technical/targeted-attack/2013/08/pivy-assessing-damage-and-extracting-intel.html


Measuring Entropy and its Applications to Encryption

There have been a bunch of articles about an information theory paper with vaguely sensational headlines like "Encryption is less secure than we thought" and "Research shakes crypto foundations." Its actually not that bad. Basically, the researchers arguethat the traditional measurement of Shannon entropy isnt the right model to use for cryptography, and that minimum entropy is. This difference may...

http://www.schneier.com/blog/archives/2013/08/measuring_entro.html


Sicherheitsforscher: Zero-Day-Lücke im Adobe Reader

In der aktuellen Version des Adobe Reader soll eine kritische Schwachstelle klaffen, durch die Angreifer Schadcode in PDF-Dokumenten platzieren können. Der Code wird ausgeführt, sobald man das Dokument öffnet.

http://www.heise.de/security/meldung/Sicherheitsforscher-Zero-Day-Luecke-im-Adobe-Reader-1939782.html


Gpg4win 2.2 verschlüsselt E-Mails und Dateien

Die neue Version 2.2 der GnuPG-Version für Windows unterstützt Outlook 2010 und 2013. Das Verschlüsselungs-Plug-in für den Windows Explorer liegt jetzt auch in einer 64-Bit-Version bei.

http://www.heise.de/security/meldung/Gpg4win-2-2-verschluesselt-E-Mails-und-Dateien-1939546.html


Security Bulletin: Potential Security Vulnerabilities fixed in IBM WebSphere Application Server 8.0.0.7

Cross reference list for security vulnerabilities fixed in IBM WebSphere Application Server Fix Pack 8.0.0.7 CVE(s): CVE-2013-2967, CVE-2013-2976, CVE-2013-4004, CVE-2013-0169, CVE-2013-0597, CVE-2013-1768, CVE-2013-1862, CVE-2013-4005, CVE-2013-3029, CVE-2013-1896, and CVE-2012-2098 Affected product(s) and affected version(s): The following IBM WebSphere Application Server Versions are affected: Version 8.5 Version 8 Version 7 Version 6.1 OSGi Applications and JPA Feature Pack EJB 3.0

https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_potential_security_vulnerabilities_fixed_in_ibm_websphere_application_server_8_0_0_7?lang=en_us


RSA Authentication Agent for PAM Allows Remote Users to Make Unlimited Login Attempts

http://www.securitytracker.com/id/1028930


IBM WebSphere Portal Unspecified Bug Lets Remote Users Access User Directories

http://www.securitytracker.com/id/1028933


McAfee Email Gateway Email Processing "ws_inv-smtp" Denial of Service Vulnerability

https://secunia.com/advisories/54486


PHP OpenID XRDS Processing XML External Entities Vulnerability

https://secunia.com/advisories/54542


Multiple Vulnerabilities in Cisco Unified Communications Manager

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130821-cucm