
Gotham Security Daily Threat Alerts

by on October 29, 2013

October 28, Softpedia – (International) 4 Dutch men arrested for allegedly using TorRAT to plunder bank accounts. Authorities in the Netherlands arrested four individuals charged with allegedly using the TorRAT remote access trojan and other Tor-based services to perform around 150 fraudulent online banking transactions, steal around $1.4 million, and launder the stolen money. Source: http://news.softpedia.com/news/4-Dutch-Men-Arrested-for-Allegedly-Using-TorRAT-to-Plunder-Bank-Accounts-394827.shtml

October 28, IDG News Service – (International) ATM malware may spread from Mexico to English-speaking world. Researchers at Symantec found that the Ploutus banking malware previously used to empty ATMs in Mexico has been translated into English. Two versions made for operating on different ATMs were identified, and the malware is spread by manually inserting a CD boot disk into an ATM. Source: http://www.networkworld.com/news/2013/102813-atm-malware-may-spread-from-275276.html

October 28, Help Net Security – (International) Researchers sinkhole several Cryptolocker C&Cs. Researchers at Kaspersky Labs were able to sinkhole three domains serving as command and control (C&C) servers used by the Cryptolocker ransomware. Source: http://www.net-security.org/malware_news.php?id=2613

October 28, Softpedia – (International) Buffer hacked, attackers send out spam via customer accounts. Hackers were able to compromise systems belonging to social media scheduling service Buffer on October 26, sending out spam messages through customers’ Twitter and Facebook accounts. Facebook reported that 30,000 of its customers with connected Buffer accounts were affected. Source: http://news.softpedia.com/news/Buffer-Hacked-Attackers-Send-Out-Spam-via-Customer-Accounts-394698.shtml

October 28, The Register – (International) IBM warns Storwize arrays can DELETE ALL DATA. IBM warned owners of its Storwize arrays, Flex System V7000, and SAN Volume Controllers that administrator access could be obtained without authentication using vulnerabilities in Apache Struts, allowing an unauthorized user to make modifications to the configuration, including deleting all data. Source: http://www.theregister.co.uk/2013/10/28/ibm_storwize_arrays_at_risk_of_complete_deletion/

October 28, The Register – (International) Tenda seals shut router backdoor found by D-Link hole-prober. Tenda released a patch that closes a backdoor vulnerability in three models of routers that could be used to take over a router and execute commands using a UDP packet with a special string. Source: http://www.theregister.co.uk/2013/10/28/tenda_bricksup_router_backdoor/
