Skip to content

Gotham Security Daily Threat Alerts

by on January 22, 2014

January 21, Threatpost – (International) Cutwail-like spambot hides malicious activity in its traffic. Researchers at Dell SonicWALL identified a new spam botnet dubbed Wigon.PH_44 being served on compromised Web sites hosted on the WordPress platform that uses large amounts of HTTP POST and GET requests in order to disguise the true nature of its traffic. Source: http://threatpost.com/cutwail-like-spambot-hides-malicious-activity-in-its-traffic/103744

January 21, Softpedia – (International) Android malware disguised as security update steals SMSs and intercepts phone calls. FireEye researchers identified six versions of a new Android malware dubbed Android.HeHe that can intercept SMS messages and phone calls from numbers specified in a file. The malware is being distributed disguised as a security update for Android. Source: http://news.softpedia.com/news/Android-Malware-Disguised-as-Security-Update-Steals-SMSs-and-Intercepts-Phone-Calls-419230.shtml

January 21, The Register – (International) Hacker breaks into ThrustVPS, launches phishing attack from firm’s own servers. Virtual private server company ThrustVPS stated that they were the victim of a phishing attack that compromised their systems and allowed an attacker to upload a php shell and mailer script, which caused phishing emails to be sent from the company’s servers. Source: http://www.theregister.co.uk/2014/01/21/thrustvps_penetrated_by_phishing_attack/

January 20, The Register – (International) Google pulls Chrome extensions after new owners subvert web tools. Google pulled at least two extensions for its Chrome browser from the company’s online store after a researcher found that spammers and other malicious actors bought the software from developers and then added advertising or other unwanted components to updates for the extensions. Source

January 20, Threatpost – (International) Starbucks fixes vulnerable iOS app, geolocation issue persists. Starbucks issued a patch for its iOS app that was found to contain user names and passwords in plain text. Source: http://threatpost.com/starbucks-fixes-vulnerable-ios-app-geolocation-issue-persists/103730

January 18, Softpedia – (International) Android vulnerability can be exploited to capture data of VPN users. Researchers at Ben Gurion University identified a vulnerability in Android that could be used to bypass active virtual private network (VPN) configurations in order to intercept secure communications. The researchers released a proof-of-concept for the vulnerability. Source: http://news.softpedia.com/news/Android-Vulnerability-Can-Be-Exploited-to-Capture-Data-of-VPN-Users-418314.shtml

January 17, Associated Press – (Puerto Rico) Personal information of Puerto Rico doctors stolen. The president of Puerto Rico’s Association of Surgeons stated that the association’s electronic system was recently hacked and the personal information of all medical doctors licensed to practice on the island was stolen. The doctors have also been receiving harassing emails. Source: http://www.washingtonpost.com/world/the_americas/personal-information-of-puerto-rico-doctors-stolen/2014/01/17/e8354b96-7f9b-11e3-97d3-b9925ce2c57b_story.html

From → Security

Comments are closed.

%d bloggers like this: