End-of-Shift report
Timeframe: Tuesday 20-08-2013 18:00 − Wednesday 21-08-2013 18:00
Handler: Stephan Richter
Co-Handler: n/a
Hacker apparently grabs Twitter login credentials
A hacker has apparently gained access to login credentials for the short-message service Twitter. The attacker, who calls himself Mauritania Hacker, published purported details of more than 15,000 Twitter accounts on Tuesday.
http://www.heise.de/security/meldung/Hacker-greift-offenbar-Zugangsdaten-fuer-Twitter-ab-1939338.html
Poison Ivy: Assessing Damage and Extracting Intelligence
Today, our research team is publishing a report on the Poison Ivy family of remote access tools (RATs) along with a package of tools created...
http://www.fireeye.com/blog/technical/targeted-attack/2013/08/pivy-assessing-damage-and-extracting-intel.html
Measuring Entropy and its Applications to Encryption
There have been a bunch of articles about an information theory paper with vaguely sensational headlines like "Encryption is less secure than we thought" and "Research shakes crypto foundations." It's actually not that bad. Basically, the researchers argue that the traditional measurement of Shannon entropy isn't the right model to use for cryptography, and that minimum entropy is. This difference may...
http://www.schneier.com/blog/archives/2013/08/measuring_entro.html
Security researchers: zero-day vulnerability in Adobe Reader
The current version of Adobe Reader is said to contain a critical vulnerability that lets attackers place malicious code in PDF documents. The code is executed as soon as the document is opened.
http://www.heise.de/security/meldung/Sicherheitsforscher-Zero-Day-Luecke-im-Adobe-Reader-1939782.html
Gpg4win 2.2 encrypts e-mails and files
The new version 2.2 of the GnuPG version for Windows supports Outlook 2010 and 2013. The encryption plug-in for Windows Explorer is now also included in a 64-bit version.
http://www.heise.de/security/meldung/Gpg4win-2-2-verschluesselt-E-Mails-und-Dateien-1939546.html
Security Bulletin: Potential Security Vulnerabilities fixed in IBM WebSphere Application Server 8.0.0.7
Cross reference list for security vulnerabilities fixed in IBM WebSphere Application Server Fix Pack 8.0.0.7. CVE(s): CVE-2013-2967, CVE-2013-2976, CVE-2013-4004, CVE-2013-0169, CVE-2013-0597, CVE-2013-1768, CVE-2013-1862, CVE-2013-4005, CVE-2013-3029, CVE-2013-1896, and CVE-2012-2098. Affected product(s) and affected version(s): The following IBM WebSphere Application Server Versions are affected: Version 8.5 Version 8 Version 7 Version 6.1 OSGi Applications and JPA Feature Pack EJB 3.0
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_potential_security_vulnerabilities_fixed_in_ibm_websphere_application_server_8_0_0_7?lang=en_us
RSA Authentication Agent for PAM Allows Remote Users to Make Unlimited Login Attempts
http://www.securitytracker.com/id/1028930
IBM WebSphere Portal Unspecified Bug Lets Remote Users Access User Directories
http://www.securitytracker.com/id/1028933
McAfee Email Gateway Email Processing "ws_inv-smtp" Denial of Service Vulnerability
https://secunia.com/advisories/54486
PHP OpenID XRDS Processing XML External Entities Vulnerability
https://secunia.com/advisories/54542
Multiple Vulnerabilities in Cisco Unified Communications Manager
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130821-cucm