Skip to content

Gotham Security Daily Threat Alerts

by on October 31, 2013

October 30, Softpedia – (International) Expert finds unrestricted file upload vulnerability in Twitter. A researcher at Q-CERT identified and reported two vulnerabilities in Twitter that could have been leveraged to upload malicious files to a Twitter developer Web site and to redirect users to arbitrary Web sites. Twitter has since closed the reported vulnerabilities. Source: http://news.softpedia.com/news/Expert-Finds-Unrestricted-File-Upload-Vulnerability-in-Twitter-Video-395604.shtml

October 30, Softpedia – (International) 10 security fixes included in Firefox 25. Mozilla released the newest version of its Firefox browser, Firefox 25, which includes fixes for 10 security issues, 5 of which were rated critical. Source: http://news.softpedia.com/news/10-Security-Fixes-Included-in-Firefox-25-395477.shtml

October 29, Threatpost – (International) New injection campaign peddling rogue software downloads. Websense researchers reported that a mass injection campaign dubbed GWload has compromised at least 40,000 Web pages by tricking users into installing a fake version of VLC Media Player by claiming it is required to view content. Users who attempt to install the fake software then have several varieties of bloatware and other unwanted software installed on their systems. Source: http://threatpost.com/new-injection-campaign-peddling-rogue-software-downloads

October 29, CNET News – (International) MongoHQ scrambles to address major database hack. Database hosting service MongoHQ reported that it was the victim of a security breach October 28 that compromised users’ email addresses, hashed password data, and other account information. Source: http://news.cnet.com/8301-1009_3-57609938-83/mongohq-scrambles-to-address-major-database-hack/

From → Security

Comments are closed.

%d bloggers like this: