
Gotham Security Daily Threat Alerts

June 19, 2014

June 18, Softpedia – (International) Zbot variant poorly detected by AV engines. An AppRiver researcher discovered a variant of the Zeus/Zbot trojan being distributed in spam emails inside a password-protected .zip file, allowing it to evade many security programs and filters. The researcher reported that the malware was identified by 5 of 52 antivirus engines. Source: http://news.softpedia.com/news/Password-Protected-Zbot-Variant-Poorly-Detected-by-AV-Engines-447373.shtml

June 18, Help Net Security – (International) Microsoft patches DoS flaw in its Malware Protection Engine. Microsoft released an update for its Malware Protection Engine that closes a vulnerability that could allow an attacker to use a specially crafted file to trigger a denial of service (DoS) attack. Source: http://www.net-security.org/secworld.php?id=17022

June 18, Threatpost – (International) Belkin patches directory traversal bug in wireless router. Belkin released a firmware update for its N150 wireless home routers in order to close a serious directory traversal vulnerability that could allow a remote, unauthenticated attacker to read system files on the router. Users were advised to update their firmware as soon as possible. Source: http://threatpost.com/blekin-patches-directory-traversal-bug-in-wireless-router

June 18, Softpedia – (International) Symantec Web Gateway 5.2 susceptible to SQL injection and XSS attacks. Symantec advised users of its Symantec Web Gateway product running version 5.2 of its appliance management console to update to the newest 5.2.1 build after a SQL injection and a cross-site scripting (XSS) vulnerability were found in 5.2. The vulnerabilities could enable unauthorized privileged access to databases and the hijacking of user sessions. Source: http://news.softpedia.com/news/Symantec-Web-Gateway-5-2-Susceptible-to-SQL-Injection-and-XSS-Attacks-447241.shtml

June 18, Softpedia – (International) Tumblr blogs compromised to redirect to diet pill spam. A Symantec researcher found that several Tumblr blogs and Pinterest accounts have been hijacked in order to redirect visitors to a spam Web site promoting diet pills. Source: http://news.softpedia.com/news/Tumblr-Blogs-Compromised-to-Redirect-to-Diet-Pill-Spam-447395.shtml

June 17, SC Magazine – (International) Researchers detect spike in “snowshoe” spam attacks using .club gTLD. Researchers with Symantec reported an increase in “snowshoe” spam attacks, which use multiple IP addresses and generic top-level domains (gTLDs) in an attempt to evade detection by spam filters. The increase was first observed June 12, with the attacks using .club domains. Source: http://www.scmagazine.com/researchers-detect-spike-in-snowshoe-spam-attacks-using-club-gtld/article/356258/

June 17, Securityweek – (International) TowelRoot vulnerability could lead to attacks on Android devices: Researcher. Researchers with Lacoon Mobile Security reported that a Linux vulnerability exploited in the TowelRoot rooting tool for Android devices could also be used by attackers to gain root/administrator privileges and bypass Android security controls. Source: http://www.securityweek.com/towelroot-vulnerability-could-lead-attacks-android-devices-researcher

 
