Skip to content

Gotham Security Daily Threat Alerts

by on December 13, 2013

December 12, Help Net Security – (International) Facebook users hit with phishing and malware combo attack. SANS ISC researchers reported a phishing and malware delivery campaign targeting Facebook users. The campaign uses a malicious Tumblr link contained in a phishing message that directs users to a phishing page and then to a fake Youtube page that prompts the user to install a trojan disguised as an update. Source: http://www.net-security.org/malware_news.php?id=2650

December 12, Softpedia – (International) App that claims to notify users of Bitcoin market changes hides RAT. A researcher at Arbor Networks identified a malicious app named BitCoin Alarm that purports to offer users market information on Bitcoins but in fact contains a remote access trojan (RAT) called NetWiredRC designed to harvest login information. Source: http://news.softpedia.com/news/App-That-Claims-to-Notify-Users-of-Bitcoin-Market-Changes-Hides-RAT-408736.shtml

December 11, Dark Reading – (International) Cybercriminals now enlisting database cloud services. Researchers at Imperva discovered a new botnet used for stealing online banking credentials that uses cloud-based MSSQL databases for command and control functions and data storage. The malware infected at least 370 systems in 5 days and could potentially be used to attack databases directly. Source: http://www.darkreading.com/attacks-breaches/cybercriminals-now-elisting-database-clo/240164662

December 11, IDG News Service – (International) Yahoo Mail still down for some users, after an attempted fix. Yahoo Mail experienced an outage beginning December 10 due to a hardware problem at one of Yahoo’s mail data centers. Some users continued to be unable to login December 11. Source: http://www.networkworld.com/news/2013/121113-yahoo-mail-still-down-for-276846.html

December 11, IDG News Service – (International) Nvidia exploit could turn render farms into password crackers, Bitcoin miners, researchers claim. Researchers at ReVuln identified a vulnerability in Nvidia’s Mental Ray 3D version 3.11.10 rendering software, which could allow an attacker to inject a malicious remote library into a target system and gain control over rendering machines or render farms. The compromised machines could then be used for GPU-intensive tasks such as password cracking and Bitcoin mining. Source: http://www.networkworld.com/news/2013/121113-nvidia-exploit-could-turn-render-276830.html

From → Security

Comments are closed.

%d bloggers like this: