Skip to content

Gotham Security Daily Threat Alerts

by on January 9, 2014

January 8, Help Net Security – (International) OpenSUSE forums defaced via unknown vBulletin 0-day. A hacker exploited a vulnerability in vBulletin to deface the forums of the openSUSE Linux distribution and download a database containing the usernames and email addresses of around 80,000 users. Source: http://www.net-security.org/secworld.php?id=16177

January 8, Softpedia – (International) Expert finds clickjacking flaw in Google and open redirect in Facebook. A security researcher identified and reported an open URL redirect vulnerability in Facebook that could be used to redirect users to other sites and a clickjacking flaw in the Google Maps site that could have been exploited to alter a user’s Google+ profile and hijack their webcam. Both vulnerabilities were closed by Facebook and Google. Source: http://news.softpedia.com/news/Expert-Finds-Clickjacking-Flaw-in-Google-and-Open-Redirect-in-Facebook-Video-414803.shtml

January 8, Softpedia – (International) DailyMotion serves fake AV in malvertising attack. Invincea researchers found that the video sharing Web site DailyMotion had been serving fake antivirus malware via malicious advertisements. Source: http://news.softpedia.com/news/DailyMotion-Serves-FakeAV-in-Malvertising-Attack-Video-414893.shtml

January 8, Help Net Security– (International) New Zeus variant stymies malware analysis, has rootkit capabilities. Researchers at Trend Micro identified a new variant of the Zeus banking trojan which can prevent the execution of analysis tools and also has rootkit capabilities and the ability to hide files, folders, processes, and registry keys it creates or uses. Source: http://www.net-security.org/malware_news.php?id=2669

From → Security

Comments are closed.

%d bloggers like this: