Skip to content

Gotham Security Daily Threat Alerts

by on January 10, 2014

January 9, Softpedia – (Virginia; Arizona) Man admits hacking former employer’s systems to damage servers and reputation. A Tucson, Arizona man who previously worked for an undisclosed cloud computing services provider in Virginia admitted to continuing to access the systems of his former employer and to shutting down a key data server, causing hundreds of thousands of dollars in damage and making customers’ data inaccessible for several hours. Source: http://news.softpedia.com/news/Man-Admits-Hacking-Former-Employer-s-Systems-to-Damage-Servers-and-Reputation-415363.shtml

January 9, The Register – (International) Anatomy of a 22-year-old X Window bug: Get root with newly uncovered flaw. A flaw in the X Window System, which underpins many Linux desktops, was discovered that could allow a logged-in users to crash the X server or execute injected code as a supervisor. The stack buffer overflow issue has been in existence since 1991 and is present in all versions of X11. Source: http://www.theregister.co.uk/2014/01/09/x11_has_privilege_escalation_bug/

January 9, Softpedia– (International) The Straight Dope forum hacked, user passwords stolen. The forum of newspaper column The Straight Dope was compromised by attackers that accessed usernames, hashed passwords, and email addresses. Source: http://news.softpedia.com/news/The-Straight-Dope-Forum-Hacked-User-Passwords-Stolen-415094.shtml

January 9, Softpedia – (International) Network Time Protocol abused in DDoS attacks on gaming servers. Researchers found that recent distributed denial of service (DDoS) attacks against several online gaming services by a group called DERP Trolling were launched by abusing the Network Time Protocol. Source: http://news.softpedia.com/news/NTP-Protocol-Abused-in-DDOS-Attacks-on-Gaming-Servers-415059.shtml

January 8, IDG News Service – (International) Nvidia takes customer site offline after SAP bug found. Nvidia took their customer service Web site offline January 8 after a vulnerability in their version of SAP NewWeaver was reported. The vulnerability could let an unauthorized attacker take full control of the portal platform and was patched by SAP 3 years ago. Source: http://www.networkworld.com/news/2014/010914-nvidia-takes-customer-site-offline-277527.html

January 8, Softpedia – (International) Spammers use Asprox botnet to distribute malicious Atmos Energy emails. Researchers at Solutionary found that a recent spam campaign using Atmos Energy-themed emails was launched using the Asprox botnet. The researchers also found that the group behind the spam emails has recently been varying the themes of the spam it sends according to holidays and news events. Source: http://news.softpedia.com/news/Spammers-Use-Asprox-Botnet-to-Distribute-Malicious-Atmos-Energy-Emails-414836.shtml

January 9, Softpedia – (International) Malware stole data from computer at Japanese nuclear power plant. Malware installed on an administrative computer at the Monju nuclear power plant in Japan could have potentially stolen around 42,000 private documents from the plant’s systems. The malware was installed when a worker attempted to update a video playback program. Source: http://news.softpedia.com/news/Malware-Stole-Data-from-Computer-at-Japanese-Nuclear-Power-Plant-415175.shtml

From → Security

Comments are closed.

%d bloggers like this: