Skip to content

Gotham Security Daily Threat Alerts

by on June 30, 2014

June 27, Securityweek – (International) Pony Loader 2.0 malware source code for sale. Researchers with Damballa stated that the source code for version 2.0 of the Pony Loader information-stealing trojan has been seen for sale in underweb markets. The trojan was offered for sale starting in May and allows attackers to steal information such as passwords as well as virtual currency such as Bitcoin and others. Source:

June 27, The Register – (International) Android SMS worm punts dodgy downloads…from your MATES. AdaptiveMobile researchers reported finding a piece of Android malware known as Selfmite that spreads like a worm by sending out SMS messages to infected users’ contacts that contain a link that attempts to get users to install the Mobogenie app in a likely pay-per-install scheme. The malware was first observed on mobile networks in the U.S. and has since spread to several other countries. Source:

June 27, Securityweek – (International) RIG Exploit Kit used in Flash-based malvertising campaign. Researchers with Malwarebytes stated June 26 that they have detected a malvertising campaign that attempts to lure users to a malicious Web site containing the RIG Exploit Kit, which then attempts to use Adobe Flash and Microsoft Silverlight vulnerabilities to spread a trojan identified a Trojan.Agent.ED. Source:

June 27, Softpedia – (International) LZO algorithm patched after 20 years. The CEO of Lab Mouse Security revealed that an integer overflow bug in the Lempel-Ziv-Oberhumer (LZO) compression and decompression algorithm has been present for as long as 20 years, leaving software using the algorithm vulnerable to remote code execution and denial of service attacks. The algorithm has been integrated into a variety of software, including the Linux kernel, some Android phones, medical equipment, and others, though the variety of applications means that attackers would need to build custom malicious payloads in order to exploit the issue. Source:

June 27, The Register – (International) Yet another WordPress vuln: Image furtler plugin lets BADNESS in. Security researchers warned users of the TimThumb plugin for WordPress that a vulnerability exists in the plugin that could allow attackers to inject code or create, remove, and modify files. The vulnerability exists in the plugin’s Webshot option, which is turned off by default. Source:

June 26, Softpedia – (International) VMware implements Apache Struts security fixes in vCOps. VMware released an update for its vCenter Operations Management Suite (vCOps) that close several vulnerabilities affecting the Apache Struts Java application framework. Source:

From → Security

Comments are closed.

%d bloggers like this: