Gotham Security Daily Threat Alerts

by on March 26, 2013

March 25, The Register – (International) South Korea data-wipe malware spread by patching system. South Korean antivirus firm AhnLab stated that the malware that spread through banking and communications Web sites in that country was distributed via compromised patch management systems and delivered to targets as if it were a legitimate software update. Source: http://www.theregister.co.uk/2013/03/25/sk_data_wiping_malware_latest/

March 25, Threatpost – (International) XSS flaw in WordPress plugin allows injection of malicious code. A vulnerability in the WP Banners Lite plugin for WordPress can allow attackers to inject malicious HTML or JavaScript on vulnerable Web sites. Source: http://threatpost.com/en_us/blogs/xss-flaw-wordpress-plugin-allows-injection-malicious-code-032513

March 25, Infosecurity – (International) Phishers can disguise links with JavaScript. A researcher disclosed a JavaScript method that can be used to show a different URL when a user hovers over a link in a phishing email, disguising the malicious link’s destination to appear legitimate. Source: http://www.infosecurity-magazine.com/view/31430/phishers-can-disguise-their-links-with-javascript

March 22, Threatpost – (International) Command and control used in Sanny APT attacks shut down. Security firm FireEye and South Korean authorities shut down a compromised message board that was hosting a command and control channel for the Sanny malware campaign. Source: http://threatpost.com/en_us/blogs/command-and-control-used-sanny-apt-attacks-shut-down-032213 

March 22, Threatpost – (International) Apple takes tool offline after new security hole surfaces. Apple took down its iForgot password reset tool after a vulnerability was discovered that could allow unauthorized access to user accounts. Source: http://threatpost.com/en_us/blogs/apple-takes-tool-offline-after-new-security-hole-surfaces-032213 

March 22, Symantec – (International) New Tidserv variant downloads 50 MB Chromium embedded framework. A new variant of the Tidserv malware was observed to utilize the legitimate Chromium Embedded Framework (CEF), downloading the framework onto infected systems. Source: http://www.symantec.com/connect/blogs/new-tidserv-variant-downloads-50-mb-chromium-embedded-framework
