Skip to content

Gotham Security Daily Threat Alerts

by on September 24, 2014

September 18, Securityweek – (International) Apple fixes “backdoors” with release of iOS 8. Apple released the newest version of its mobile operating system, iOS 8, September 17, which adds improvements and closes over 50 security vulnerabilities. Source: http://www.securityweek.com/apple-fixes-backdoors-release-ios-8

September 17, Threatpost – (International) Series of vulnerabilities found in Schneider Electric SCADA products. An advisory from the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) warned users of Schneider Electric StruxureWare SCADA Expert ClearSCADA products after researchers discovered unpatched, remotely-exploitable vulnerabilities. Included in the vulnerabilities is a cross-site scripting (XSS) issue that could allow industrial control systems (ICS) to be shut down, while an authentication bypass issue could give attackers access to sensitive information. Source: http://threatpost.com/series-of-vulnerabilities-found-in-schneider-electric-scada-products

September 17, Securityweek – (International) AppBuyer iOS malware targets jailbroken iPhones. Researchers with Palo Alto Networks analyzed a piece of iOS malware discovered by WeiPhone Technical Group in May and found that the malware dubbed AppBuyer is targeting jailbroken iPhones in order to steal Apple ID and password information and make unauthorized purchases from the App Store. Source: http://www.securityweek.com/appbuyer-ios-malware-targets-jailbroken-iphones

September 17, SC Magazine – (International) Analysts spot ‘Critolock,’ ransomware claims to be CryptoLocker. Researchers at Trend Micro identified a new piece of ransomware known as Troj_Critolock.A or Critolock that infects devices and encrypts users’ data and demands a ransom. The malware purports to be the CryptoLocker ransomware but contains several differences including its use of the Rijndael symmetric-key algorithm. Source: http://www.scmagazine.com/analysts-spot-critolock-ransomware-claims-to-be-cryptolocker/article/372182/

September 17, Threatpost – (International) Drupal patches XSS vulnerability in spam module. Drupal released a patch September 17 for the Mollom spam and content moderation module that closes a cross-site scripting (XSS) vulnerability that could allow an attacker to gain admin-level access to Web sites and enable them to steal data or hijack sessions. Source: http://threatpost.com/drupal-patches-xss-vulnerability-in-spam-module

September 17, Securityweek – (International) Website of U.S. oil and gas company abused in watering hole attack. Researchers at Bromium found that attackers injected malicious code into the Web site of an unnamed U.S. oil and gas company in an effort to infect the computers of its visitors, known as a watering hole attack. The malicious script used on the compromised Web site utilized the Internet Explorer vulnerability CVE-2013-7331 which allows resources loaded into memory to be queried. Source: http://www.securityweek.com/website-us-oil-and-gas-company-abused-watering-hole-attack

From → Security

Comments are closed.

%d bloggers like this: