Skip to content

Gotham Security Daily Threat Alerts

by on October 24, 2014

October 23, Softpedia – (International) CryptoWall 2.0 delivered through malvertising on Yahoo and other large sites. Proofpoint researchers observed a recent campaign using malicious advertisements on Yahoo, 9gag, and other popular Web sites to deliver the CryptoWall 2.0 ransomware via the FlashPack Exploit Kit. The exploit kit exploits vulnerabilities in Adobe Flash Player to deliver the ransomware that encrypts users’ files and demands a ransom to decrypt them. Source: http://news.softpedia.com/news/CryptoWall-2-0-Delivered-Through-Malvertising-On-Yahoo-and-Other-Large-Sites-462970.shtml

October 23, Securityweek – (International) 1.2 million networking devices vulnerable due to NAT-PMP issues. A security researcher with Rapid7 reported October 21 that the company identified around 1.2 million Internet-connected devices that are vulnerable to various attacks due to poor implementation or configuration of the Network Address Translation – Port Mapping Protocol (NAT-PMP). The vulnerabilities could allow attackers to perform denial of service (DoS) attacks, intercept traffic, or perform other malicious actions. Source: http://www.securityweek.com/12-million-networking-devices-vulnerable-due-nat-pmp-issues

October 22, Softpedia – (International) Apple warns users of attack targeting iCloud site. Apple confirmed reports of man-in-the-middle (MitM) attacks against its iCloud service that employed an insecure certificate and advised users not to dismiss browser warnings regarding the security of content. The attacks trigger warnings in the Chrome and Firefox browsers but not in Qihoo, the most popular Web browser in China. Source: http://news.softpedia.com/news/Apple-Warns-Users-of-Attack-Targeting-iCloud-Site-462846.shtml

October 22, Securityweek – (International) ‘Operation Pawn Storm’ cyber-espionage campaign hits organizations. Trend Micro researchers identified a cyberespionage operation dubbed “Operation Pawn Storm” that uses targeted emails and compromised Web sites to infect users in government, military, and media organizations with the SEDNIT (also known as Sofacy) malware. Source: http://www.securityweek.com/operation-pawn-storm-cyber-espionage-campaign-hits-organizations

From → Security

Comments are closed.

%d bloggers like this: