Skip to content

Gotham Security Daily Threat Alerts

by on November 18, 2013

November 15, Softpedia – (International) Linux machines exposed due to VMware Workstation host privilege escalation flaw. VMware released updates for its VMware Workstation and VMware Player software, fixing a vulnerability in how shared libraries are handled that could allow an attacker to escalate their privileges to root. Source: http://news.softpedia.com/news/Linux-Machines-Exposed-Due-to-VMware-Workstation-Host-Privilege-Escalation-Flaw-400690.shtml

November 15, Softpedia – (International) Arbor Networks analyzes Athena DDoS malware. Arbor Networks published an analysis of the Athena malware, capable of launching distributed denial of service (DDoS) attacks, stealing information, and downloading other malware. Source: http://news.softpedia.com/news/Arbor-Networks-Analyzes-Athena-DDOS-Malware-400363.shtml

November 15, Softpedia – (International) Google fixes critical Chrome flaw found by expert at Mobile Pwn2Own 2013. Google released an update to its Chrome browser that closes two critical vulnerabilities identified at the Mobile Pwn2Own 2013 competition. An exploit developed by a competitor in the contest leveraged an integer overflow and a bug to achieve full sandbox escape. Source: http://news.softpedia.com/news/Google-Fixes-Critical-Chrome-Flaw-Found-by-Expert-at-Mobile-Pwn2Own-2013-400471.shtml

November 15, Threatpost – (International) Apple iOS 7.04 fixes App Store purchase flaw. Apple released an update for iOS 7, which closes a vulnerability that could allow a user to make app or in-app purchases without entering their password. Source: http://threatpost.com/apple-ios-7-04-fixes-app-store-purchase-flaw

November 15, Softpedia – (International) Estonia agrees to extradite alleged DNSChanger cybercriminals to the U.S. Estonia agreed to extradite three suspects to the U.S. where they are charged with allegedly being involved in the DNSChanger malware campaign that infected 4 million computers and fraudulently obtain over $14 million. Source: http://news.softpedia.com/news/Estonia-Agrees-to-Extradite-3-Alleged-DNSChanger-Cybercriminals-to-the-US-AP-400627.shtml

November 14, IDG News Service – (International) Cybercriminals target Silverlight users with new exploit kit. Researchers found that the creators of the Angler Exploit Kit added an exploit for a known Microsoft Silverlight plugin vulnerability to the exploit kit’s capabilities. Source: http://www.networkworld.com/news/2013/111413-cybercriminals-target-silverlight-users-with-275993.html

From → Security

Comments are closed.

%d bloggers like this: