Skip to content

Gotham Security Daily Threat Alerts

by on April 23, 2014

April 22, Help Net Security – (International) Supposedly patched router backdoor was simply hidden. A security researcher who discovered a backdoor vulnerability in several popular home routers found that the firmware update issued by manufacturer Sercomm does not close the vulnerability but instead hides the backdoor. The backdoor can then be opened after sending a specific network packet to the router from the local area network (LAN) or the Internet service provider (ISP), allowing attackers reset the device’s configuration, username, and password to default settings. Source: http://www.net-security.org/secworld.php?id=16721

April 22, Softpedia – (International) Verizon publishes 2014 Data Breach Investigations Report. Verizon published its 2014 Data Breach Investigations Report, focusing on cyber and physical data breaches across several industries. The report found 198 point of sale (POS) intrusions during 2013, with retail, accommodation, and food services industries the most targeted, among other findings. Source: http://news.softpedia.com/news/Verizon-Publishes-2014-Data-Breach-Investigations-Report-438708.shtml

April 22, Softpedia – (International) Django 1.6.3 released to address 3 security issues. The developers of the Django framework for Python released new versions of the framework, closing three security vulnerabilities. Source: http://news.softpedia.com/news/Django-1-6-3-Released-to-Address-3-Security-Issues-438666.shtml

April 21, Threatpost– (International) Oracle gives Heartbleed update, patches 14 products. Oracle released updates for five products April 21, closing vulnerabilities related to the Heartbleed vulnerability in OpenSSL. Source: http://threatpost.com/oracle-gives-heartbleed-update-patches-14-products/105576

April 21, SC Magazine – (International) Critical update makes P2P Zeus trojan even tougher to remove. Fortinet researchers found that the peer-to-peer (P2P) Zeus banking trojan recently received an update that also installs a rootkit driver, making the trojan difficult to remove from infected systems. Source: http://www.scmagazine.com/critical-update-makes-p2p-zeus-trojan-even-tougher-to-remove/article/343551/

 

From → Security

Comments are closed.

%d bloggers like this: