Skip to content

Gotham Security Daily Threat Alerts

by on August 6, 2013

August 5, Threatpost – (International) BREACH compression attack steals HTTPS secrets in under 30 seconds. Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext (BREACH) an attack that enables the reading of encrypted messages via plaintext injection into an HTTPS request, prompted an advisory after it was demonstrated at the Black Hat 2013 conference. Source: https://threatpost.com/breach-compression-attack-steals-https-secrets-in-under-30-seconds/101579

August 5, Wired.com – (International) Feds are suspects in new malware that attacks Tor anonymity. A piece of malware that exploits a vulnerability in Firefox 17 and redirects connections over The Onion Router (TOR) network so users’ true IP addresses can be discerned was found on several Web sites hosted by Freedom Hosting. Source: http://www.wired.com/threatlevel/2013/08/freedom-hosting/

August 5, Softpedia – (International) Experts say 10 companies are responsible for 60% of Russian mobile malware. Security firm Lookout released a study of Russian mobile malware and found that 10 organizations were responsible for creating 60% of mobile malware originating in Russia, among other findings. Source: http://news.softpedia.com/news/Experts-Say-10-Companies-Are-Responsible-for-60-of-Russian-Mobile-Malware-373107.shtml

August 5, Softpedia – (International) Samsung Smart TVs can be hijacked, researchers warn. Researchers from ISEC Partners at the Black Hat 2013 conference demonstrated several vulnerabilities in Samsung Smart TVs that can be exploited to obtain sensitive information or spy via webcam. Source: http://news.softpedia.com/news/Samsung-Smart-TVs-Can-Be-Hijacked-Researchers-Warn-373064.shtml

August 5, V3.co.uk – (International) IPv6 is latest tool for stealing credit card numbers and passwords. Security firm Neohapsis warned that the lack of implementation of the IPv6 protocol could allow attacks to monitor networks or redirect users to malicious pages by setting up a false IPv6 version of an IPv4 connection. Modern operating systems will then select the IPv6 connection due to their inbuilt preference for the protocol. Source: http://www.v3.co.uk/v3-uk/news/2286734/ipv6-is-latest-tool-for-stealing-credit-card-numbers-and-passwords

August 4, IDG News Service – (International) Android one-click Google authentication method puts users, businesses at risk. A Tripwire researcher at the DEF CON 21 conference detailed a way in which the weblogin feature on Google sites can be used to give attackers access to Google accounts. The researcher published a proof-of-concept app that can steal weblogin tokens and send them to the attacker for use. Source: https://www.computerworld.com/s/article/9241355/Android_one_click_
Google_authentication_method_puts_users_businesses_at_risk

August 2, PC Magazine – (International) Smart bot reads your Facebook, mimics you in spear phishing messages. Trustwave researchers presented findings on how social media is used to generate spearphishing attacks and released a tool called Microphisher which automates the monitoring of a target’s social media in order to develop a ‘fingerprint’ of believable language patterns to better impersonate the target. Source: http://securitywatch.pcmag.com/security/314402-smart-bot-reads-your-facebook-mimics-you-in-spear-phishing-messages

August 2, Techworld – (International) Phishing attacks show sudden drop as criminals use servers for DDoS. The Anti-Phishing Working Group released their first quarter 2013 report, which found that detected phishing Web sites fell 20 percent in the quarter as cybercriminals switched servers to malware distribution or distributed denial of service (DDoS) attacks. Source: http://news.techworld.com/security/3462159/phishing-attacks-show-sudden-drop-as-criminals-use-servers-for-ddos/

August 2, Computerworld – (International) Attackers turning to legit cloud services firms to plant malware. A researcher at Zscaler presented findings at the Black Hat 2013 conference that showed cybercriminals are increasing their use of legitimate cloud services to distribute their malware. Source: https://www.computerworld.com/s/article/9241324/Attackers_turning_
to_legit_cloud_services_firms_to_plant_malware

August 2, MIT Technology Review – (International) Chinese hacking team caught taking over decoy water plant. A Trend Micro researcher presented the results of a project which set up fake industrial control systems purporting to be connected to water plant systems, and found that the Comment Crew/APT1 Chinese hacking group had targeted and compromised one decoy system, among other project results. Source: http://www.technologyreview.com/news/517786/chinese-hacking-team-caught-taking-over-decoy-water-plant/

From → Security

Comments are closed.

%d bloggers like this: