Skip to content

Gotham Security Daily Threat Alerts

by on November 21, 2013

November 20, Krebs on Security – (International) Cupid Media hack exposed 42M passwords. Personal information including names, unencrypted passwords, email addresses, and birthdays belonging to around 42 million Cupid Media customers was discovered on the same servers that stored stolen information from Adobe, PR Newswire, and other organizations. The Australia-based dating site company stated that the data appeared to be related to a January 2013 breach. Source: http://krebsonsecurity.com/2013/11/cupid-media-hack-exposed-42m-passwords/

November 20, V3.co.uk – (International) Google adds Android and Apache to open source security rewards programme. Google expanded its security rewards program for researchers who reveal security issues to include its Android mobile operating system, Apache httpd, and others. Google plans to further expand the platforms included in the program before the end of the year. Source: http://www.v3.co.uk/v3-uk/news/2308040/google-adds-android-and-apache-to-open-source-security-rewards-programme

November 20, Softpedia – (International) Your LG Smart TV is spying on you, even if you tell it to stop. A security researcher found that LG Smart TVs can collect data on channels watched, device IDs, and the file names of external media even if the device’s advertisement service option is disabled. The information is then transmitted without encryption. Source: http://news.softpedia.com/news/Your-LG-Smart-TV-Is-Spying-on-You-Even-If-You-Tell-It-to-Stop-401874.shtml

November 20, Help Net Security – (New Jersey) E-Sports to pay $1M to settle covert Bitcoin mining complaint. E-Sports Entertainment entered into a settlement with the State of New Jersey and agreed to pay $1 million to resolve allegations that it infected around 14,000 computers in New Jersey with malware that allowed E-Sports to monitor subscribers’ program usage, mine Bitcoins, and create a botnet. Source: http://www.net-security.org/secworld.php?id=15984

November 19, Softpedia – (International) Google Ads point to fake Snapchat downloads. Researchers at ThreatTrack Security found that users searching for “Snapchat download” may encounter sponsored results that lead to potentially unwanted applications when they intend to download Snapchat. Similar campaigns of misleading sponsored search results have appeared on Bing as well. Source: http://news.softpedia.com/news/Google-Ads-Point-to-Fake-Snapchat-Downloads-401630.shtml

November 19, SC Magazine – (International) Phony anti-virus programs evade detection with stolen certificates. Researchers at BitDefender found a fake antivirus program named Antivirus Security Pro utilizing stolen digital certificates issued for East Entertainment Services in 2012. BitDefender contacted Ease Entertainment so that the certificates can be revoked. Source: http://www.scmagazine.com/phony-anti-virus-programs-evade-detection-with-stolen-certificates/article/321734/

November 18, IDG News Service – (International) Hackers actively exploiting JBoss vulnerability to compromise servers, researchers say. Researchers have spotted an increase in attackers using a known vulnerability found in products from several vendors to compromise JBoss Java EE application servers. Source: http://www.networkworld.com/news/2013/111913-hackers-actively-exploiting-jboss-vulnerability-276071.html

November 18, IDG News Service – (International) Google to pay $17 million to States in Apple cookies case. Google reached a settlement with 37 States and the District of Columbia over its unauthorized placement of cookies on devices running Apple’s Safari Web browser, and agreed to pay $17 million. Source: http://www.networkworld.com/news/2013/111813-google-to-pay-17-million-276070.html

From → Uncategorized

Comments are closed.

%d bloggers like this: