Gotham Security Daily Threat Alerts

Posted on January 30, 2014

January 28, Softpedia – (International) Researchers discover first Android bootkit, 350,000 devices already infected. Researchers at Doctor Web discovered what is believed to be the first Android bootkit, dubbed Android.Oldboot, which infects Android devices and waits for commands from a server to perform actions such as the downloading, installation, or deletion of apps. Researchers believe it is being spread via modified firmware updates, with the majority of the 350,000 infected devices found in China. Source:

January 28, Softpedia – (International) NetSky worm spreads via email attachments. Researchers at Symantec identified a cybercriminal operation using a worm dubbed NetSky that sends several different phishing emails containing the worm to the same email addresses. If a user opens the attached files, the worm sends a copy of itself by email to the user’s contacts. Source:

January 28, Softpedia – (International) Foursquare flaw could have been exploited to obtain users’ email addresses. A researcher published findings related to a vulnerability in Foursquare that could have been used to obtain users’ email addresses by altering part of a URL used to accept friend requests. The issue was fixed in 2013, but the researcher’s findings were only recently disclosed. Source:

January 28, Softpedia – (International) Google Chrome 32.0.1700.102 fixes memory corruption bug in V8. Google released the latest update to its Chrome browser, with patches for 14 security issues, among them a use-after-free error occurring with SVG images and a memory corruption vulnerability in the V8 JavaScript engine. Source:

January 27, Dark Reading – (International) Air Force researchers plant rootkit in a PLC. Researchers with the U.S. Air Force Institute of Technology created a prototype rootkit that can be installed on programmable logic controllers (PLCs) via modified firmware, USB device, or connected laptop and disrupt operations. The rootkit exploits the lack of security and monitoring capability in most PLCs. Source:

January 27, Softpedia – (International) Cybercriminals steal FTP credentials with fake FileZilla. Avast researchers warned users of cybercriminals using a fake version of the FileZilla FTP client to steal users’ FTP credentials. The fake FileZilla client can then upload the credentials to a server for use in hosting malware or stealing data. Source:
