Skip to content

Gotham Security Daily Threat Alerts

by on March 20, 2014

March 19, Softpedia – (International) Security researcher accidentally crashes Google Play when testing PoC app. A security researcher uploading a proof of concept for a potential Android vulnerability may have caused several users to be unable to upload applications to the Google Play app market for a short time. Source: http://news.softpedia.com/news/Security-Researcher-Accidentally-Crashes-Google-Play-When-Testing-POC-App-432931.shtml

March 19, Softpedia – (International) Hacked EA server used to host Apple phishing page. Researchers at Netcraft reported that attackers compromised a server that hosts two Electronic Arts (EA) Web sites and used it to host a phishing page that mimics an Apple login page. Source: http://news.softpedia.com/news/Hacked-EA-Website-Used-to-Host-Apple-Phishing-Page-432977.shtml

March 19, Softpedia – (International) Expert finds RCE flaw in Yahoo after logging in with “Admin/Admin” credentials. A security researcher identified and reported a flaw in a Hong Kong subdomain of Yahoo that allowed him to gain read/write/execute permissions by entering a default login name and password. The issue was reported February 20 and fixed February 21. Source: http://news.softpedia.com/news/Expert-Finds-RCE-Flaw-on-Yahoo-After-Logging-in-with-Admin-Admin-Credentials-432956.shtml

March 19, Softpedia – (International) Mozilla releases Firefox 28, fixes vulnerabilities presented at Pwn2Own. Mozilla released Firefox 28, the newest version of its Web browser, adding new features and closing 18 vulnerabilities identified during the Pwn2Own 2014 security competition. Source: http://news.softpedia.com/news/Mozilla-Releases-Firefox-28-Fixes-Vulnerabilities-Presented-at-Pwn2Own-432912.shtml

March 18, SC Magazine – (International) $30 RAT, WinSpy, involved in two phishing campaigns. FireEye researchers identified two phishing campaigns utilizing the WinSpy remote access trojan (RAT) and the GimmeRAT Android malware that comes packaged with the first RAT. One campaign used spear phishing emails targeting U.S. financial institutions while a second was an indiscriminate spam campaign. Source: http://www.scmagazine.com/30-rat-winspy-involved-in-two-phishing-campaigns/article/338770/

March 19, The Register – (International) ‘Zotob’ hacker ‘Diabl0’ arrested in Bangkok after three-year hunt. A Moroccan suspected of causing $4 billion in damages to Swiss banking systems was arrested in Thailand and faces extradition to Switzerland. The man was previously arrested and jailed in Morocco for spreading the Zotob worm that infected systems around the world, including a U.S. government Web site. Source: http://www.theregister.co.uk/2014/03/19/diabl0_hacker_arrested_bangkok/

 

From → Security

Comments are closed.

%d bloggers like this: