Skip to content

Gotham Security Daily Threat Alerts

by on November 13, 2013

November 12, The Register – (International) Stale Blackhole leads to dried-up spam, claim badhat-probers. Trend Micro researchers found that with the Blackhole exploitkit no longer being updated, cybercriminals have turned to other methods for infecting users, with the Upatre exploit kit being a popular replacement and often used to spread the Cryptolocker ransomware. Source: http://www.theregister.co.uk/2013/11/12/cryptolocker_rise_blackhole_demise

November 12, Softpedia – (International) Reflected and stored XSS flaws found in DLink 2760N routers. A security researcher found and disclosed several stored and reflected cross-site scripting (XSS) vulnerabilities in the Web user interface for D-Lin2760N routers. Source: http://news.softpedia.com/news/Reflected-and-Stored-XSS-Flaws-Found-in-D-Link-2760N-Routers-399244.shtml

November 12, Dark Reading – (International) New IE vulnerability found in the wild; sophisticated Web exploit follows. FireEye researchers identified a new zero-day vulnerability in Microsoft Internet Explorer 7, 8, and 9 that uses a memory access vulnerability to execute code on computers that access a malicious Web site. A sophisticated exploit using the vulnerability was observed in the wild in a watering hole attack on an undisclosed Web site known to bring in visitors interested in national and international security issues. Source: http://www.darkreading.com/vulnerability/new-ie-vulnerability-found-in-the-wild-s/240163814

November 8, Wired.com – (International) Power plants and other vital systems are totally exposed on the Internet. A security researcher used a tool to run a scan of the iPv4 address space except for government agencies and universities and found unsecured remote management software running on 30,000 computers, leaving industrial processes and confidential information open to the Internet due to a lack of any security measures. Open virtual network computing systems were found in uses such as factory automation, hydroelectric power plants, agricultural automation, pharmacies, cash registers, and several others. Source: http://www.wired.com/threatlevel/2013/11/internet-exposed

From → Security

Comments are closed.

%d bloggers like this: