Gotham Security Daily Threat Alerts

by on April 9, 2013

April 8, – (International) Doctor Web hijacks control of BackDoor botnet from criminals. Antivirus provider Doctor Web took control of the BackDoor.Bulknet.739 botnet and posted an analysis of its composition and effectiveness. Source: botnet-from-criminals

April 7, CVG UK – (International) Server attack forces Harmonix sites offline. Video game developer Harmonix took their Web sites offline April 7 after they detected a possible intrusion. Source:

April 6, Softpedia – (International) Microsoft fixes DOM XSS vulnerability on Microsoft closed a DOM-based cross-site scripting (XSS) vulnerability on the Skype Web site during March after a researcher informed the company of it in December 2012. Source:

April 5, Softpedia – (International) FTP server in Taiwan leaks AMI BIOS source code, UEFI signing key. Researchers discovered an open FTP server that holds the source code for several American Megatrends (AMI) BIOS as well as the private signing key for Unified Extensible Firmware Interface (UEFI) updates, information potentially very valuable in carrying out cyberespionage. Source:

April 5, Ars Technica – (International) Bitcoin wallet service Coinbase faces phishing attacks after data leak. Coinbase, a wallet service for the virtual currency Bitcoin, accidentally exposed user and transaction information on its Web site, leading to phishing attacks against the revealed email addresses. Source:

April 5, SC Magazine – (International) Android trojan spreads through Cutwail spam botnet. A large Cutwail botnet has been found spreading an Android trojan dubbed Stels, which is capable of gleaning user information and performing functions on infected devices. Source:

April 5, – (International) Coca Cola, Credit Suisse and Mercedez-Benz execs caught up in phishing scam. Webroot researchers found Microsoft Access files from major international companies for sale on underground market Web sites, offering executives’ contact information for use in creating more effective phishing attacks. Source:

April 5, Threatpost – (International) Shylock trojan going global with new features, resilient infrastructure. Symantec found that the cybercriminals behind the Shylock banking trojan have added new functions and infrastructure to the malware, expanding the banking institutions that it targets and allowing it to steal other passwords and user information. Source: infrastructure-040513 
