Skip to content

Gotham Security Daily Threat Alerts

by on March 27, 2013

March 26, Softpedia – (International) Websense: Over 93% of endpoints vulnerable to latest Java exploit. Research from Websense found that 93 percent of Web browser users are vulnerable to common Java exploits because they are not using a current version of Java, making them easy targets for unsophisticated attackers using Cool or other exploit kits. Source: http://news.softpedia.com/news/Websense-Over-93-of-Endpoints-Vulnerable-to-Latest-Java-Exploit-340306.shtml 

March 26, Help Net Security – (International) Activists now targeted with trojanized backdoor apps. Researchers from Kaspersky Lab identified a targeted attack on Uyghur and Tibetan activists that sends a malicious backdoor Android app to targets’ mobile devices, the first use the researchers have seen of a targeted attack against mobile devices. Source: http://www.net-security.org/malware_news.php?id=2446

March 25, Softpedia – (International) Grum spam botnet is slowly recovering after takedown, experts warn. Spider Labs researchers found that the cybercriminals behind the Grum botnet have begun reinstating command and control (C&C) servers, and spotted a steady increase in spam sent by the botnet. Source: http://news.softpedia.com/news/Grum-Spam-Botnet-is-Slowly-Recovering-After-Takedown-Experts-Warn-340125.shtml 

March 25, eWeek – (International) Slow Android phone patching prompts vulnerability report. A researcher released details on four vulnerabilities in Android on Samsung phones after having reported the vulnerabilities to Samsung in January. Source: http://www.eweek.com/security/slow-android-phone-patching-prompts-vulnerability-report/

March 25, Threatpost – (International)Lime Pop emerges as the latest strain of Android Enesoluty malware. Symantec identified a new variant of the Android.Enesoluty data-stealing malware, spread through an app called Lime Pop. The group behind Enesoluty has been active since summer 2012 and has registered more than 100 domains to host the malicious apps. Source: http://threatpost.com/en_us/blogs/lime-pop-emerges-latest-strain-android-enesouty-malware-032513

March 25, The H – (International) MongoDB: Exploit on the net, Metasploit in the making. An exploit for the MongoDB 2.2.3 database that can allow attackers to inject and execute code was published by a researcher. Source: http://www.h-online.com/security/news/item/MongoDB-Exploit-on-the-net-Metasploit-in-the-making-Update-1829690.html 

March 25, The H – (International) Weak keys in NetBSD. The developers of the NetBSD Unix operating system released a kernel update to fix an issue where systems would generate weak, easily-cracked cryptographic keys. Source: http://www.h-online.com/open/news/item/Weak-keys-in-NetBSD-1829336.html 

Network World – (International) Hackers steal photos, turn wi-fi cameras into remote surveillance device. Researchers from ERNW demonstrated various methods to remotely steal photos, turn cameras on, and execute denial of service (DoS) attacks against Wi-Fi-enabled Canon EOS-1D X cameras. Source: http://www.networkworld.com/community/node/82716

March 24, The Register – (International) T-Mobile patches Wi-Fi eavesdrop vuln. T- 10 – Mobile patched a vulnerability in its Wi-Fi calling feature that left users susceptible to man-in-the-middle attacks. Source: http://www.theregister.co.uk/2013/03/24/t_mobile_wi_fi_calling_bug/

From → Security

Comments are closed.

%d bloggers like this: