Skip to content

Gotham Security Daily Threat Alerts

by on July 1, 2013

June 28, Softpedia – (International) Ruby updated to address hostname check bypass flaw in SSL client. Ruby released several patches addressing a hostname check bypassing security hole in the SSL client that was discovered by an iSEC Partners researcher allowing cybercriminals to potentially launch man-in-the-middle attacks to spoof SSL servers. Source: http://news.softpedia.com/news/Ruby-Updated-to-Address-Hostname-Check-Bypass-Flaw-in-SSL-Client-364057.shtml

June 27, Krebs on Security – (International) Carberp code leak stokes copycat fears. The botnet creation kit, Carberp, coded by a team of hackers that used it to take an estimated $250 million from banks, was posted online on multiple forums for anyone to download. Experts worry that its publication will create new hybrid strains of sophisticated banking malware.
Source: http://krebsonsecurity.com/2013/06/carberp-code-leak-stokes-copycat-fears/

June 27, IDG News Service – (International) Cisco fixes serious vulnerabilities in email, Web and content security appliances. Cisco Systems released email, Web, and content security appliances patches addressing vulnerabilities in prior releases that could allow attackers to execute commands on the underlying operating system or disrupt critical processes.
Source: http://www.networkworld.com/news/2013/062713-cisco-fixes-serious-vulnerabilities-in-271352.html

 

From → Security

Comments are closed.

%d bloggers like this: