Gotham Security Daily Threat Alerts

by on June 26, 2014

June 24, IDG News Service – (International) Researchers expect large wave of rootkits targeting 64-bit systems. A McAfee report released June 24 found that the number of new rootkit samples in the first quarter of 2014 rose to the highest level seen since 2011, and that more rootkits designed for 64-bit operating systems are expected in the future. Source:

June 24, Securityweek – (International) AskMen compromised to distribute financial malware: Report. Researchers at Websense reported June 23 that the AskMen online magazine was compromised and used to redirect visitors to a malicious Web site hosting exploits for Java and Adobe Reader. Source:

June 24, Washington Post – (International) Microsoft says it’s resolved Outlook outage for business users across the country. Microsoft reported that it experienced an outage June 24 affecting its Exchange Online service, with users reporting being unable to access the email service for several hours. The issue was resolved later that evening. Source:

June 25, Dark Reading – (International) PayPal two-factor authentication broken. PayPal disabled its two-factor authentication option for mobile users after Duo Security researchers confirmed an independent researcher’s findings showing that it was possible to bypass the feature. The vulnerability exists in a PayPal API and affects mobile users but not PayPal’s Web application. Source:

June 25, Softpedia – (International) GameOver trojan is still in the game. Researchers with Arbor Networks reported that a Citadel campaign that evaded takedown attempts has been retrofitted with the GameOver trojan in order to continue its bank fraud operations as well as to distribute the CryptoLocker ransomware. Source:

June 25, Softpedia – (International) Cybercriminals lift over $680,000/500,000 EUR in one week. Researchers with Kaspersky reported finding a command and control (C&C) server for a man-in-the-browser (MitB) campaign that targeted an undisclosed large European bank and stole around $680,000 within 1 week from customers’ accounts. The C&C server was identified in January but the cybercriminals running it took it offline after 2 days, which prevented further analysis. Source:
