Skip to content

Gotham Security Daily Threat Alerts

by on August 7, 2014

August 5, IDG News Service – (International) Oracle issues fix for Java update that crippled some Web apps. Oracle issued an update for Java 7, Java 7 Update 67, which contains a fix for an issue in the recent Java 7 Update 65 that caused some Web applications to be unable to launch. Source

August 5, The Register – (International) Multi function p0wnage just getting worse, researcher finds. A researcher with Rapid 7 reported that multi-function printers from several companies contain vulnerabilities that can allow an attacker to access usernames, email addresses, and passwords from corporate Active Directory accounts. The researcher and his team reported being able to gain access to corporate networks in 40-50 percent of attempts. Source

August 5, Help Net Security – (International) DDoS attack volumes plummet as NTP servers got patched. Black Lotus released its Q2 2014 Threat Report which found that patching weaknesses in systems decreased distributed reflection denial of service (DrDoS) attacks by 86 percent in the second quarter of 2014 while multi-vector attacks such as TCP SYN and HTTP GET attacks increased 140 percent during the quarter, among other findings. Source

August 5, Securityweek – (International) Mobile users targeted with SandroRat posing as security software. Researchers with McAfee identified a campaign targeting Android users in Europe which disguises the SandroRat malware as a Kaspersky mobile security app to trick users into installing it. The malware is spread via text messages and emails and purports to be from a bank as a means of enhancing mobile security. Source

August 5, Securityweek – (International) Flaw enabled access to internal Yahoo administration panel. A researcher with RMSEC identified and reported an issue with Yahoo that allowed him to guess a correct URL and then be logged into an internal content management system (CMS) with full administrator rights. Yahoo closed the issue after being informed by the researcher. Source

August 5, Securityweek – (International) Apache Cordova vulnerabilities expose Android apps. IBM Security Systems researchers identified three vulnerabilities in the Apache Cordova developer APIs that could allow attackers to steal sensitive information from applications created using Apache Cordova. The Apache Cordova development team was notified by the researchers prior to public disclosure and an update was released August 4 that closes the flaws. Source

August 4, Threatpost – (International) RAT malware communicating via Yahoo Mail. A researcher with G-Data published an analysis of a remote access trojan (RAT) known as IcoScript that has mostly gone undetected since 2012 and uses Yahoo Mail to communicate with its controllers to avoid creating suspicious traffic. The RAT could also be modified to use Gmail or other webmail providers. Source

August 6, New York Times – Russian Hackers Amass Over a Billion Internet Passwords. A Russian crime ring has amassed the largest known collection of stolen Internet credentials, including 1.2 billion user name and password combinations and more than 500 million email addresses, security researchers say. The records, discovered by Hold Security, a firm in Milwaukee, include confidential material gathered from 420,000 websites, including household names, and small Internet sites. Hold Security has a history of uncovering significant hacks, including the theft last year of tens of millions of records from Adobe Systems. Source

From → Security

Comments are closed.

%d bloggers like this: