Skip to content

Gotham Security Daily Threat Alerts

by on April 2, 2014

April 1, Softpedia – (International) Experts unhappy with Oracle’s Java Cloud patching process, vulnerability details published. Researchers at Security Explorations published details of 30 vulnerabilities in Oracle Java Cloud Service, about half of which can be used to break the Java security sandbox. The vulnerabilities were previously reported to Oracle in January. Source

April 1, IDG News Service – (International) CryptoDefense ransomware leaves decryption key accessible. Symantec researchers analyzed the CryptoDefense encryption ransomware and found that the decryption key needed to undo the malware’s file encryption is also left on the victim’s computer, potentially allowing victims to decrypt the files held for ransom themselves. Source

April 1, – (International) Middle Eastern hackers use remote access trojan to infect 24,000 machines worldwide. Researchers at Symantec reported finding 487 groups actively using the njRAT remote access trojan (RAT) for malicious uses, with around 24,000 machines infected worldwide. Symantec reported that most attacks using njRAT originate in the Middle East and that the majority of the RAT’s command and control servers are located in the Middle East and North Africa. Source

April 1, Softpedia – (International) Email marketing service Mad Mimi hit by DDoS attacks, blackmailed. Email marketing service Mad Mimi reported that it was the target of a distributed denial of service (DDoS) attack March 30, which caused intermittent issues. An attack claiming to be behind the DDoS attack demanded a ransom to stop the attack but was refused. Source

March 31, SC Magazine – (International) Smartphones at risk of malicious code injection through HTML5-based apps. Researchers at Syracuse University published a paper detailing how HTML5-based smartphone apps could allow for devices to be targeted with a new Cross-Device Scripting (XDS) attack that could inject malicious code via WiFi scanning, SMS messaging, or other means. Source


From → Security

Comments are closed.

%d bloggers like this: