Skip to content

Gotham Security Daily Threat Alerts

by on December 17, 2013

December 16, Softpedia – (International) MisoSMS mobile botnet used in at least 64 spyware campaigns. Researchers at FireEye identified an Android botnet dubbed MisoSMS designed to steal text messages and send them back to command and control servers located in China. The botnet was found to have been used in at least 64 campaigns and mostly targeted users in South Korea. Source: http://news.softpedia.com/news/MisoSMS-Mobile-Botnet-Used-in-At-Least-64-Spyware-Campaigns-409588.shtml

December 16, Krebs on Security – (International) Botnet enlists Firefox users to hack Web sites. A security researcher discovered a botnet comprised of more than 12,500 systems dubbed Advanced Power that scans for vulnerabilities in Web sites visited by an infected system’s user. The botnet conducts SQL injection attacks on visited Web sites and disguises itself as a legitimate add-on for Mozilla’s Firefox browser. Source: http://krebsonsecurity.com/2013/12/botnet-enlists-firefox-users-to-hack-web-sites/

December 16, Softpedia – (International) Bogus VPN website used to distribute keylogger malware. Malwarebytes researchers identified a Web site purporting to offer a virtual private network (VPN) service that instead drops keylogging malware onto the victim’s system. Source: http://news.softpedia.com/news/Bogus-VPN-Website-Used-to-Distribute-Keylogger-Malware-409701.shtml

December 16, Softpedia – (International) XSS vulnerabilities patched in IP.Board 3.3.x and 3.4.x. Invision Power Services released updates for its IP.Board 3.3.x and 3.4.x products, closing cross-site scripting (XSS) vulnerabilities. Source: http://news.softpedia.com/news/XSS-Vulnerabilities-Patched-in-IP-Board-3-3-x-and-3-4-x-409685.shtml

From → Security

Comments are closed.

%d bloggers like this: