Skip to content

Gotham Security Daily Threat Alerts

by on June 12, 2013

June 11, Help Net Security – (International) Washington Free Beacon website redirects to malware. Invincia researchers found several pages on the Web site of the Washington Free Beacon were compromised and used to redirect users to a domain hosting the Fiesta exploit kit. The kit attempts to drop the ZeroAccess rootkit and the Internet Security Pro fake antivirus malware. Source: https://www.net-security.org/malware_news.php?id=2516

June 11, Help Net Security – (International) Researchers find self-propagating Zeus variant. Researchers at Trend Micro discovered a variant of the Zeus/Zbot trojan that spreads via a malicious .pdf file and then copies itself onto any removable drives detected on an infected computer. Source: https://www.net-security.org/malware_news.php?id=2515

June 10, Netcraft – (International) Facebook Apps hosted by Heroku used for viral Twitter phishing attack. Netcraft identified a Twitter phishing site being served from several Facebook Applications hosted on the Heroku service. Source: http://news.netcraft.com/archives/2013/06/10/facebook-apps-hosted-by-heroku-used-for-viral-twitter-phishing-attack.html

June 10, IDG News Service – (International) New backdoor malware ‘KeyBoy’ used in targeted attacks in Asia, researchers say. Researchers at Rapid7 discovered an attack campaign using a new malware dubbed KeyBoy to install information-stealing backdoors. The campaign targets users in several countries in Asia and is spread by spearphishing. Source: https://www.networkworld.com/news/2013/061013-new-backdoor-malware-39keyboy39-used-270656.html

June 10, Threatpost – (International) IRC botnet leveraging unpatched Plesk vulnerability. Researchers found a botnet exploiting a vulnerability in the Plesk hosting control panel in unpatched systems. Some Apache server configurations were also reported to be vulnerable. Source: https://threatpost.com/irc-botnet-leveraging-unpatched-plesk-vulnerability/

June 10, Threatpost – (International) CERT warns of vulnerabilities in HP Insight Diagnostics. The Computer Emergency Readiness Team (CERT) Program issued an alert over multiple vulnerabilities in HP’s Insight Diagnostics server management tool that could be used to run code and take over infected computers. Source: https://threatpost.com/cert-warns-of-vulnerabilities-in-hp-insight-diagnostics/

June 10, Threatpost – (International) Apple Store vulnerable to XSS. A crosssite scripting (XSS) vulnerability was found in the Apple Store Web site, which exposes visitors to possible attack. A proof-of-concept exploit code was released. Source: https://threatpost.com/apple-store-vulnerable-to-xss/

From → Security

Comments are closed.

%d bloggers like this: