Skip to content

Gotham Security Daily Threat Alerts

by on April 16, 2014

April 15, Softpedia – (International) Expert finds SQL injection, RCE vulnerabilities in Flickr Photo Books. A security researcher identified and reported a SQL injection vulnerability and a remote code execution vulnerability in Flickr’s Photo Books Web site that could allow an attacker to gain access to Flickr’s databases. Yahoo closed the vulnerabilities after a second report by the researcher. Source: http://news.softpedia.com/news/Expert-Finds-SQL-Injection-RCE-Vulnerabilities-in-Flickr-Photo-Books-Video-437724.shtml

April 15, Help Net Security – (International) Hardware manufacturer LaCie suffered year-long data breach. Computer storage manufacturer LaCie stated that the FBI informed the company of a data breach where malware was used to gain access to customer transactions carried out on the company’s Web site. LaCie temporarily disabled the e-commerce portion of its Web site and will be resetting users’ passwords in response. Source: http://www.net-security.org/secworld.php?id=16693

April 15, Help Net Security – (International) Heartbleed: VMware starts delivering patches. VMware announced that it began issuing patches for its products affected by the Heartbleed OpenSSL vulnerability, with patches for all affected products expected by April 19. Source: http://www.net-security.org/secworld.php?id=16692

April 14, Softpedia – (International) Flash SMS flaw in iOS can be exploited to make the lock screen unresponsive. A security researcher identified a Flash SMS flaw in iOS that can be used to make a device’s lock screen unresponsive, which could be used for ransom attacks. The flaw was fixed with the release of iOS 7.1 but devices running previous versions of the mobile operating system are vulnerable. Source: http://news.softpedia.com/news/Flash-SMS-Flaw-in-iOS-Can-Be-Exploited-to-Make-the-Lock-Screen-Unresponsive-437566.shtml

 

From → Security

Comments are closed.

%d bloggers like this: