Skip to content

Gotham Security Daily Threat Alerts

by on September 9, 2014

September 5, IDG News Service – (International) Cyberespionage group starts using new Mac OS X backdoor program. FireEye researchers found that a cyberespionage group dubbed GREF has recently begun using a backdoor program known as XSLCmd that targets Mac OS X systems in order to steal files and install additional malware. The GREF group is known for attacks on several sectors including the U.S. defense industry as well as electronics manufacturers, engineering firms, and non-governmental organizations worldwide. Source: http://www.networkworld.com/article/2603441/cyberespionage-group-starts-using-new-mac-os-x-backdoor-program.html

September 5, Help Net Security – (International) Coursera privacy issues exposed. A researcher identified and reported two issues in the Coursera online educational software that could disclose a list of students’ names, email addresses, information on their courses, and disable a stated protection feature. Coursera partially addressed one of the reported issues while the second remains unaddressed. Source: http://www.net-security.org/secworld.php?id=17334

September 4, SC Magazine – (International) Researchers discover two SQL injection flaws in WordPress security plugin. Researchers with High-Tech Bridge identified and reported two SQL injection vulnerabilities in the All in One WordPress Security and Firewall plugin that affects version 3.8.2 and likely all prior versions. Source: http://www.scmagazine.com/researchers-discover-two-sql-injection-flaws-in-wordpress-security-plugin/article/369851/

 

From → Security

Comments are closed.

%d bloggers like this: