Skip to content

Gotham Security Daily Threat Alerts

by on May 23, 2014

May 22, Help Net Security – (International) Sophisticated Google Drive phishing campaign persists. Researchers at Symantec reported that a persistent phishing campaign targeting Google users is using a Google Drive phishing page that appears more legitimate than most due to it being served over SSL from the Google Drive service itself. Users who fall victim to the phishing page are also redirected to another malicious page and may be exposed to malware infection. Source: http://www.net-security.org/secworld.php?id=16908

May 22, Softpedia – (International) Hackers bypass iOS 7/iCloud activation lock, free thousands of iPhones (some potentially stolen). Two researchers created a service which can unlock devices locked by Apple’s iCloud Activation Lock system, allowing users to return locked devices to service. The same service could be used by criminals to unlock stolen Apple devices however, and the researchers contacted Apple to inform them of the flaw that allows the unlocking. Source: http://news.softpedia.com/news/Hackers-Bypass-iOS-7-Activation-Lock-Free-Thousands-of-iPhones-443323.shtml

May 21, IDG News Service – (International) New Internet Explorer zero-day details released after Microsoft fails to patch. Details of an unpatched zero-day vulnerability in Microsoft’s Internet Explorer (IE) 8 browser were released by HP’s Zero Day Initiative after the researcher that discovered the flaw reported it 6 months ago. The vulnerability is classified as a use-after-free flaw and could allow an attacker to gain the same user rights as a user who is brought to a malicious Web site. Source: http://www.networkworld.com/news/2014/052214-new-internet-explorer-zero-day-details-281820.html

May 21, SC Magazine – (International) A billion shortened URLs go down following DoS attack. Link-shortening service is.gd was disrupted May 18 due to a denial-of-service (DoS) attack that made around a billion links shortened by the service unavailable. Source: http://www.scmagazine.com/a-billion-shortened-urls-go-down-following-dos-attack/article/347958/

May 21, IDG News Service – (International) Point-of-sale attacks accounted for a third of data breaches in 2013, report says. Trustwave released a report on data breaches that the company investigated in 2013, which found that e-commerce intrusions accounted for 54 percent of investigated data breaches, while point-of-sale (POS) system intrusions constituted 33 percent of data breaches, among other findings. Source: http://www.networkworld.com/news/2014/052114-point-of-sale-attacks-accounted-for-a-281793.html

From → Security

Comments are closed.

%d bloggers like this: