Skip to content

Gotham Security Daily Threat Alerts

by on July 16, 2014

July 15, IDG News Service – (International) Critical design flaw in Microsoft’s Active Directory could allow password change. Researchers with Aorato identified a flaw within Microsoft’s Active Directory which could allow attackers to change a victim’s password and use the new password to access a company’s network and enterprise functions. The vulnerability relies on the older NTLM authentication protocol to perform a “pass-the-hash” attack to gain access. Source: http://www.pcworld.com/article/2454103/critical-design-flaw-in-active-directory-could-allow-for-a-password-change.html

July 15, Help Net Security – (International) Amazon-based malware triples in 6 months. Solutionary released an analysis of Internet service providers (ISPs) and hosting providers hosting malware and found that Amazon was the top malware-hosting ISP, with a 250 per cent increase during the second quarter of 2014, among other findings. Source: http://www.net-security.org/malware_news.php?id=2808

July 15, Softpedia – (International) Google’s Dropcam monitoring device open for video hijacking. Researchers with Synack found that the Google Dropcam home monitoring cameras contain vulnerabilities which could allow the camera’s video and sound content to be intercepted by attackers. The vulnerabilities stem from an old version of OpenSSL that is vulnerable to the Heartbleed flaw and other issues, and from an old version of BusyBox that contains exploitable flaws. Source: http://news.softpedia.com/news/Google-s-Dropcam-Monitoring-Device-Open-for-Video-Hijacking-450737.shtml

July 15, Help Net Security – (International) CNET attacked by Russian hackers, user database stolen. CBS Interactive confirmed that media Web site CNET was compromised after attackers claiming affiliation with the Russian hacker group W0rm stated that they were able to obtain databases containing usernames, emails, and encrypted passwords for over 1 million users. The attackers stated that they used a flaw in the site’s implementation of the Symfony PHP framework and claimed that the attack was performed for security demonstration purposes and the information would not be sold. Source: http://www.net-security.org/secworld.php?id=17117

July 14, The Register – (International) Gameover ZeuS botnet pulls dripping stake from heart, staggers back from the UNDEAD. Sophos researchers reported that a new variant of the GameOver Zeus trojan is being used to re-establish a botnet 6 weeks after an international law enforcement effort disrupted the original botnet used for banking credential theft and the distribution of the CryptoLocker ransomware. Source: http://www.theregister.co.uk/2014/07/14/gameover_zeus_botnet_back

 

From → Security

Comments are closed.

%d bloggers like this: