Skip to content

Gotham Security Daily Threat Alerts

by on July 18, 2013

July 17, The Register – (International) Oracle releases July patch batch…with 27 fixes for remote exploits. Oracle released a quarterly Critical Patch Update containing 89 updates for various Oracle products, 27 of which are fixes for remotely exploitable vulnerabilities. Source: http://www.theregister.co.uk/2013/07/17/oracle_quarterly_patch_batch/

July 17, Softpedia – (International) Tumblr updates iOS apps to prevent hackers from stealing user passwords. Tumblr released a security update for its iOS apps which closes a vulnerability that could have been exploited to compromise passwords. Tumblr advised users of the apps to change their passwords. Source: http://news.softpedia.com/news/Tumblr-Updates-iOS-Apps-to-Prevent-Hackers-from-Stealing-User-Passwords-368777.shtml

July 17, IDG News Service – (International) Apache Struts security update fixes critical vulnerabilities. The Apache Software Foundation released a security update for Struts which closes two vulnerabilities, including a remotely exploitable vulnerability that could be used to execute arbitrary code. Source: http://www.pcworld.com/article/2044522/apache-struts-security-update-fixes-critical-vulnerabilities.html

July 16, Dark Reading – (International) U.S. still tops spam-relaying ‘dirty dozen’ countries. A quarterly report by Sophos found that in the second quarter of 2013 the U.S. remained the top country for relaying spam, with Belarus relaying the second most amount of spam. Source: http://www.darkreading.com/end-user/us-still-tops-spam-relaying-dirty-dozen/240158381

July 16, CSO – (International) New Android malware lowers the bar for cybercriminals. Symantec researchers discovered a ‘binder’ for sale on underweb markets that simplifies the repackaging of legitimate apps with the AndroRAT remote access trojan. Source: https://www.networkworld.com/news/2013/071613-new-android-malware-lowers-the-271883.html

July 16, SC Magazine – (International) FBI ransomware scam finds new home on the Mac. Malwarebytes researchers reported finding a strain of well-known ransomware for Mac OS X systems. Source: http://www.scmagazine.com/fbi-ransomware-scam-finds-new-home-on-the-mac/article/303320/

July 16, The H – (International) Critical vulnerabilities in numerous ASUS routers. A security researcher reported critical vulnerabilities in several ASUS routers that can allow remote unauthorized access to critical system files if the AiCloud media server is activated. Source: http://www.h-online.com/security/news/item/Critical-vulnerabilities-in-numerous-ASUS-routers-1918469.html

July 16, IDG News Service – (International) Malware campaign strikes Asian, European governments. Trend Micro detected a targeted malware attack against representatives of European and Asian governments that steals login credentials. The attack appears as an email attachment and exploits previously unpatched Microsoft Office vulnerabilities. Source:
https://www.computerworld.com/s/article/9240809/Malware_campaign_
strikes_Asian_European_governments

July 16, Softpedia – (International) MSI.com hacked, abused to distribute malware. The Web site of Micro-Star International (MSI) was hacked and used by attackers to redirect visitors to a domain hosting an exploit kit. Source: http://news.softpedia.com/news/MSI-com-Hacked-Abused-to-Distribute-Malware-368389.shtml

July 16, Threatpost – (International) Amazon 1Button browser add-on leaks data in plain text. A security researcher found that the Amazon 1Button browser extension reports all URLs visited by a user to Alexa in plain text, including encrypted HTTPS sessions. Source: https://threatpost.com/amazon-1button-browser-add-on-leaks-data-in-plain-text/101303

July 15, Softpedia – (International) EXPIRO file infectors used to steal information from US companies. New variants of the PE_EXPIRO malware were spotted in the wild by Trend Micro researchers, with 70 percent of infections detected in the U.S. Source: http://news.softpedia.com/news/EXPIRO-File-Infectors-Used-to-Steal-Information-from-US-Companies-368172.shtml

July 15, Reuters – (International) Researchers hack Verizon device, turn it into mobile spy station. Two security researchers found and demonstrated a method to compromise Verizon signal-boosting femtocell devices and use them to eavesdrop on smartphone calls, text messages, and data. Source: http://www.reuters.com/article/2013/07/15/us-verizon-hacking-idUSBRE96E06X20130715

From → Security

Comments are closed.

%d bloggers like this: