Gotham Security Daily Threat Alerts

by on October 14, 2014

October 10, Securityweek – (International) New Rovnix variant targets users in EU countries. Researchers with CSIS Security Group identified a new variant of the Rovnix malware currently targeting users in European Union countries. The variant includes a new domain generation algorithm (DGA) and changes to avoid detection, and it removes a bootkit component. Source

October 9, Threatpost – (International) Shellshock exploits spreading Mayhem botnet malware. Researchers at Malware Must Die reported detecting a number of Linux and UNIX systems infected by several IP addresses belonging to the Mayhem botnet. The botnet was found to be pinging Internet-facing systems looking for the Shellshock vulnerability in order to drop a new remote installer written in Perl. Source

October 14, Information Week Dark Reading – (International) Russian Cyberspies Hit Ukrainian, US Targets With Windows Zero-Day Attack. Researchers at iSIGHT Partners, who have been tracking the so-called Sandworm cyber espionage team out of Russia and four other such teams there for some time, discovered the group using a previously unknown security weakness in Windows. Today, as part of its monthly patch cycle, Microsoft will issue a patch for the CVE-2014-4114 bug, which is found in Windows Vista; Windows versions 7, 8, and 8.1; and Windows Server 2008 and 2012. The Sandworm gang is using the zero-day for the initial attack, which then drops a variant of the notorious BlackEnergy Trojan traditionally used by the pervasive Russian cybercrime underground. Source
