Skip to content

Gotham Security Daily Threat Alerts

by on March 28, 2013

March 27, Threatpost – (International) Attackers shifting to delivering unknown malware via FTP and Web pages. A report by Palo Alto Networks found that malware that goes undetected by antivirus programs has shifted primarily to Web-based exploits rather than email-based exploits, with 94 percent coming from Web browsing or Web proxies. Source: http://threatpost.com/en_us/blogs/new-report-confronts-unknown-malware-problem-032613

March 27, Threatpost – (International) U.S. and Russia –not China– lead list of malicious hosting providers. According to Host Exploit’s quarterly World Hosts Report, the U.S. and Russia ranked as the countries with the highest number of malicious hosting providers. Source: http://threatpost.com/en_us/blogs/us-and-russia-not-china-lead-list-malicious-hosting-providers-032713

March 27, Softpedia – (International) American indicted for helping Anonymous with DDOS attacks on Koch Industries. A Wisconsin man was charged for allegedly aiding an Anonymous group in distributing denial of service (DDoS) attacks against Web sites owned by Koch Industries in 2011. Source: http://news.softpedia.com/news/American-Indicted-for-Helping-Anonymous-With-DDOS-Attacks-on-Koch-Industries-340780.shtml 

March 26, Dark Reading – (International) Honeypot stings attackers with counterattacks. A researcher outlined in a paper how he set up a ‘honeypot’ to catch attackers and enabled the honeypot to install a backdoor agent on attackers’ computers via a Java applet as a research experiment, revealing information on them. Source: http://www.darkreading.com/threat-intelligence/167901121/security/attacksbreaches/240151740/honeypot-stings-attackers-with-counterattacks.html

March 26, Threatpost – (International) LinkedIn patches XSS and CSRF vulnerabilities. Professional social network LinkedIn fixed cross-site scripting (XSS) and cross-site request forgery (CSRF) issues on elements of its Web site that were reported in January and March. Source: http://threatpost.com/en_us/blogs/linkedin-patches-xss-and-csrf-vulnerabilities-032613

March 26, Network World – (International) Dirty smartphones: Devices keep traces of files sent to the cloud. University of Glasgow researchers found that remnants of files uploaded to cloud services from smartphones are left on the devices, potentially allowing hackers to access the files or gain access to cloud services. Source: http://www.networkworld.com/news/2013/032613-dirty-smartphones-268114.html 

March 26, Threatpost – (International) Google fixes 11 flaws in Chrome. Google released the newest version of its browser, Chrome 26, which contains security patches closing 11 vulnerabilities. Source: http://threatpost.com/en_us/blogs/google-fixes-11-flaws-chrome-032613

From → Security

Comments are closed.

%d bloggers like this: