Skip to content

Gotham Security Daily Threat Alerts

by on January 23, 2014

January 22, Softpedia – (International) Russia accused of conducting global cyber espionage campaign. Researchers at CrowdStrike identified a large cyber espionage campaign targeting energy, government, defense, and other organizations in the U.S., Europe, and Asia operated by a group dubbed Energetic Bear that appears to be affiliated with the Russian government. The campaign has been monitored since August 2012 and relies on the HAVEX RAT and SYSMain RAT remote access trojans (RATs.) Source: http://news.softpedia.com/news/Russia-Accused-of-Conducting-Global-Cyber-Espionage-Campaign-419457.shtml

January 22, Threatpost – (International) XSS filter bypass bug found in Chrome and Safari. A researcher at Eleven Paths warned of a flaw in anti-cross site scripting (XSS) filters in the Chrome and Safari browsers that could be exploited to allow an attacker to bypass the filters and use XSS flaws on certain Web sites to compromise users’ systems. The researcher released a proof-of-concept for the vulnerability. Source: http://threatpost.com/xss-filter-bypass-bug-found-in-chrome-and-safari/103761

January 21, PCWorld – (International) Syrian Electronic Army hacks Microsoft’s Office Blogs site mere hours after redesign. Attackers claiming affiliation with the Syrian Electronic Army hacktivist group compromised Microsoft’s official Office Blogs site January 20. Microsoft reset the site’s account and regained control later that day. Source: http://www.pcworld.com/article/2089820/syrian-electronic-army-hacks-microsofts-office-blogs-site.html

From → Security

Comments are closed.

%d bloggers like this: