Skip to content

Gotham Security Daily Threat Alerts

by on May 30, 2013

May 29, IDG News Service – (International) Hackers exploit Ruby on Rails vulnerability to compromise servers, create botnet. A vulnerability in Ruby on Rails that was patched in January has been seen being exploited by attackers to take over servers and create a botnet. Source: http://www.networkworld.com/news/2013/052913-hackers-exploit-ruby-on-rails-270216.html

May 29, Softpedia – (International) Secunia accidentally discloses image viewing application vulnerabilities. A researcher accidentally emailed information on vulnerabilities in ERDAS ER Viewer to a public vulnerability mailing list. The large image file viewer is used by various organizations, including some in the defense industry. Source: http://news.softpedia.com/news/Secunia-Accidentally-Discloses-Image-Viewing-Application-Vulnerabilities-356700.shtml

May 29, Softpedia – (International) Experts find code execution flaw in PS3, password reset bug in Sony Entertainment Network. Researchers at Vulnerability Lab revealed that several vulnerabilities in Sony’s PlayStation 3 firmware were disclosed to Sony and recently fixed. They also found that the Sony Entertainment Network Web site’s password recovery function could be exploited to reset users’ passwords. Source: http://news.softpedia.com/news/Experts-Find-Code-Execution-Flaw-in-PS3-Password-Reset-Bug-in-Sony-Entertainment-Network-356623.shtml

May 29, Softpedia – (International) Expert reports two security issues to Dropbox, only one fixed. A researcher at Security Pulse found and disclosed two vulnerabilities in Dropbox. The first, an open redirect flaw, was addressed by Dropbox, while the second, a bug that allows attackers to unsubscribe users from the Dropbox for Business mailing list, was not regarded as a security issue by the company. Source: http://news.softpedia.com/news/Expert-Reports-Two-Security-Issues-to-Dropbox-Only-One-Fixed-Video-356762.shtml

May 29, IDG News Service – (International) Anonymous member pleads guilty to Stratfor hack. A hacker who identified with the Anonymous hacktivist label pleaded guilty to participating in several attacks in 2010 and 2011, including attacks against law enforcement computer systems and analysis company Stratfor. Source: http://www.computerworld.com/s/article/9239583/Anonymous_member_pleads_guilty_to_Stratfor_hack

May 28, The H – (International) DoS vulnerability in ModSecurity fixed. The developers of the ModSecurity firewall fixed a vulnerability that could be exploited to crash the firewall, among other fixes. Source: http://www.h-online.com/security/news/item/DoS-vulnerability-in-ModSecurity-fixed-Update-1872307.html

May 28, Defense News – (International) Chinese hackers breach top weapons designs. According to a report prepared by the Defense Science Board, Chinese hackers have gained access to the designs of many of the United States most sensitive advanced weapons systems. Source: http://www.defensenews.com/article/20130528/DEFREG02/305280015/Report-Chinese-Hackers-Breach-Top-Weapons-Designs

From → Security

Comments are closed.

%d bloggers like this: