Skip to content

Gotham Security Daily Threat Alerts

by on November 11, 2013

November 7, The Register – (International) KitKat swats yet another Android ‘MasterKey’ bug. The newest Android version 4.4 (KitKat) contains a fix for a vulnerability similar to the ‘Master Key’ vulnerability that could allow attackers to manipulate the filename length in ZIP files’ metadata and alter an app. Source: http://www.theregister.co.uk/2013/11/07/third_android_master_key_vuln_squashed/

November 7, Softpedia – (International) Rapid7 researchers discover vulnerabilities in Supermicro IPMI firmware. Researchers at Rapid7 identified seven vulnerabilities in Supermicro’s Intelligent Platform Management Interface (IPMI) server firmware, including hardcoded private encryption keys that could be used in man-in-the-middle attacks. Source: http://news.softpedia.com/news/Rapid7-Researchers-Discover-Vulnerabilities-in-Supermicro-IPMI-Firmware-398010.shtml

November 7, V3.co.uk – (International) Microsoft Office, Windows Server and Lync exploits linked to Operation Hangover hackers. Researchers at FireEye found that recent targeted attacks utilizing zero day vulnerabilities in Microsoft Office, Lync, and Server products to the group behind the Operation Hangover attacks and a new group dubbed Arx. Source: http://www.v3.co.uk/v3-uk/news/2305540/microsoft-office-windows-server-and-lync-exploits-linked-to-operation-hangover-hackers

November 7, Softpedia – (International) Bitcoin wallet Inputs.io hacked, 4,100 BTC stolen. Inputs.io notified users that attackers breached the bitcoin wallet service and stole around $1.1 million in bitcoins during two attacks. The attackers were able to compromise email accounts, reset passwords, and bypass two-factor authentication by exploiting a server vulnerability. Source: http://news.softpedia.com/news/Bitcoin-Wallet-Inputs-io-Hacked-4-100-BTC-Stolen-397853.shtml

November 7, Help Net Security – (International) Cybercriminals opting for real-time malware campaigns and phishing. Commtouch released a report for the third quarter of 2013 and found that the time between news events and phishing attacks that exploited them averaged only 22 hours and that the number of phishing Web sites increased by almost 35 percent during the quarter, among other findings. Source: http://www.net-security.org/malware_news.php?id=2620

November 7, IDG News Service – (International) Silk Road online drug marketplace resurfaces. Underweb marketplace The Silk Road, reappeared about a month after its alleged owner and operator was arrested. The marketplace that allegedly offers illegal drugs, fraudulent documents, and other illicit goods and services claimed that 7,000 individuals had registered as of November 6. Source: http://www.computerworld.com/s/article/9243869/Silk_Road_online_drug_marketplace_resurfaces

From → Security

Comments are closed.

%d bloggers like this: