Skip to content

Gotham Security Daily Threat Alerts

by on November 10, 2014

November 7, The Register – (International) Belkin flings out patch after Metasploit module turns guests to admins. Belkin recently released a patch for its N750 dual-band router to close a vulnerability demonstrated in a Metasploit module that could allow attackers on guest networks to gain root access. Users were advised to update their firmware to close the vulnerability. Source

November 7, Help Net Security – (International) WireLurker: Apple blocks Trojanized apps, revokes certificate. Apple stated that it blocked apps identified as containing the WireLurker malware for OS X and iOS and revoked the certificate used to sign the malware. Source

November 7, Securityweek – (International) Metasploit module released for new UXSS vulnerability in Android browser. An independent researcher in coordination with Rapid7 identified and reported a universal cross-site scripting (UXSS) vulnerability in the default Android browser that could allow an attacker to scrape page contents and cookie data. A Metasploit module for the vulnerability was released, and although Google fixed the issue September 30 many Android users may not receive the fix due to lack of Android version updates. Source

November 7, Help Net Security – (International) After Silk Road 2, global law enforcement seizes other dark markets. U.S. and European law enforcement agencies undertook joint action against several other underweb marketplaces following actions against the Silk Road 2.0 marketplace, resulting in 17 arrests and the takedown of over 410 hidden services. Authorities also seized around $1 million in cash, illegal drugs, and precious metals. Source

November 6, Softpedia – (International) Cisco patches three out of four buggy small business RV series routers. Cisco posted an advisory November 5 stating that three vulnerabilities in four routers intended for small business use could allow attackers to execute arbitrary commands and upload files to the devices. The company issued patches for the RV120W Wireless-N VPN Firewall, RV180 VPN Router, and RV 180W Wireless-N Multifunction VPN Router, while a patch for the RV220W Wireless Network Security Firewall is expected by the end of November. Source

November 5, Lafayette Daily Advertiser – (Louisiana) LUS Fiber victim of Internet attack. The director of Lafayette Utilities System (LUS Fiber) stated that disruptions to customers’ Internet access November 4 and November 5 in Lafayette were the result of an attacker intentionally overwhelming the system. LUS Fiber had also experienced an unrelated email server malfunction the week of October 27 that left customers without email service for several days. Source

November 7, Help Net Security – (International) 53M customer email addresses were also stolen in Home Depot breach. Home Depot officials disclosed November 6 that an investigation into a previously reported breach of the company’s payment data systems revealed that 53 million email addresses of customers in the U.S. and Canada were also compromised during the attack and officials urged consumers to be on guard against phishing scams. The company also reported that hackers used the stolen credentials of a third-party vendor to access the company’s point-of-sale (PoS) devices, then acquired administrator rights that enabled them to deploy custom-built malware on self-checkout systems at the company’s stores in the U.S. and Canada. Source

November 6, Securityweek – (International) New “WireLurker” malware targets iOS, Mac OS X users via trojanized applications. Researchers with Palo Alto Networks identified a new piece of malware targeting Apple OS X systems and iOS devices dubbed WireLurker, which can run malicious code in order to steal users’ contacts, Apple IDs, and other data. The malware spreads via trojanized and repackaged OS X applications and can compromise any iOS devices linked to an infected system via USB cable by infecting iOS applications on stock or jailbroken devices. Source

November 6, Krebs on Security – (International) Feds arrest alleged ‘Silk Road 2’ admin, seize servers. FBI and DHS agents arrested a San Francisco man and charged him with drug trafficking, conspiracy to commit hacking, and money laundering for allegedly operating the Silk Road 2.0 underweb market that sold illegal drugs, fraudulent identification documents, and hacking services and tools. U.S. and European authorities seized control of servers hosting Silk Road 2.0 following the arrest. Source

From → Security

Comments are closed.

%d bloggers like this: