Skip to content

Gotham Security Daily Threat Alerts

by on August 22, 2014

August 20, The Register – (International) Cryptolocker flogged on YouTube. Two researchers reported that cybercriminals have been observed to use purchased ad space on YouTube in order to redirect users to malicious sites serving the Cryptolocker ransomware. The researchers are scheduled to present at the Virus Bulletin 2014 conference detailing how legitimate ad networks could be used to spread malware. Source:

August 20, Securityweek – (International) Vulnerability in WordPress Mobile Pack exposes password-protected posts. Researchers with dxw Security identified and reported a vulnerability in the Mobile Pack plugin for WordPress that could allow access to password-protected posts. The vulnerability was reported July 24 and closed August 19 with the release of Mobile Pack version 2.0.2. Source:

August 19, IDG News Service – (International) ‘Reveton’ ransomware upgraded with powerful password stealer. Avast researchers analyzed a new variant of the Reveton ransomware that now includes the Pony password and virtual currency stealer and a Papras family password stealer that can also disable security programs. The new variant was also programmed to check if an infected user had visited the Web sites of 17 German banks. Source:

August 19, SC Magazine – (International) Bug in iOS Instagram app fixed, impacts Facebook accounts. IOActive researchers reported that an issue in the Instagram app for iOS could leave users open to having their Facebook access token intercepted over public Wi-Fi due to the app sending the token in plain text. The issue was fixed in Instagram version 6.0.4 and users were advised to update to the latest version. Source:


From → Security

Comments are closed.

%d bloggers like this: