Skip to content

Gotham Security Daily Threat Alerts

by on September 18, 2014

September 17, Securityweek – (International) Twitter fixes vulnerability potentially impacting company’s ad revenue. A security researcher identified and reported a vulnerability in a Twitter subdomain that could be used to delete the payment card information used by advertisers to pay for ads on the social media network. Twitter addressed the vulnerability and awarded a $2,800 bounty to the researcher. Source: http://www.securityweek.com/twitter-fixes-vulnerability-potentially-impacting-companys-ad-revenue

September 17, Securityweek – (International) Amazon fixes persistent XSS vulnerability affecting Kindle library. Amazon addressed a cross-site scripting (XSS) vulnerability on the Amazon Web page used to manage users’ Kindle libraries that could be used by an attacker to inject malicious code through eBook metadata. Source: http://www.securityweek.com/amazon-fixes-persistent-xss-vulnerability-affecting-kindle-library

September 17, Help Net Security – (International) Macro based malware is on the rise. Researchers with Sophos found that macro-based malware created in Visual Basic rose from around 6 percent of document malware to 28 percent in July, among other findings. Source: http://www.net-security.org/malware_news.php?id=2867

September 16, Threatpost – (International) Adobe gets delayed Reader update out the door. Adobe released new versions of Adobe Reader and Acrobat September 16 that were delayed during Adobe’s scheduled patch release the week of September 8. The updates close eight vulnerabilities including two memory corruption issues and a cross-site scripting (XSS) vulnerability affecting Macintosh users. Source: http://threatpost.com/adobe-gets-delayed-reader-update-out-the-door

September 16, Threatpost – (International) Archie exploit kit targets Adobe, Silverlight vulnerabilities. Researchers at AlienVault Labs analyzed a new exploit kit first identified by EmergingThreats researchers and found that the Archie exploit kit attempts to exploit older versions of Adobe Flash, Reader, and Microsoft Silverlight and Internet Explorer. Source: http://threatpost.com/archie-exploit-kit-targets-adobe-silverlight-vulnerabilities

From → Security

Comments are closed.

%d bloggers like this: