
Gotham Security Daily Threat Alerts

by on December 8, 2014

December 4, The Register – (International) Big Blue patches big blooper in Endpoint Manager for mobes. IBM released a patch for its Endpoint Manager for Mobile Devices product that allowed attackers to gain remote access and compromise mobile devices connected to the network. Source: http://www.theregister.co.uk/2014/12/04/ibm_endpoint_manager_patch/

December 3, Softpedia – (International) Asprox operators have started recruiting for a larger botnet. Researchers with Malcovery found that the operators of the Asprox botnet began a campaign using spam emails purporting to be order confirmations from major retailers such as HomeDepot, WalMart, CostCo, and Target in order to infect more users and expand the Asprox botnet. Source: http://news.softpedia.com/news/Asprox-Operators-Have-Started-Recruiting-For-a-Larger-Botnet-466482.shtml

December 3, Softpedia – (International) Vulnerability in WhatsApp leads to losing conversations. Two security researchers reported and released a proof-of-concept (PoC) for a flaw in WhatsApp where an attacker could send a 2KB text containing special characters that would cause the app to crash unless the conversation thread is deleted. The researchers stated that the flaw affects WhatsApp versions 2.11.431 and 2.11.432 on Android devices. Source: http://news.softpedia.com/news/Vulnerability-in-WhatsApp-Leads-to-Losing-Contacts-and-Conversations-466481.shtml

December 3, Securityweek – (International) DNSimple suffers downtime due to 25 Gbps DDoS attack. Florida-based DNS provider DNSimple reported that it experienced a distributed denial of service (DDoS) attack December 1 that peaked at 25 Gbps and lasted around 12 hours, causing outages for the company and its customers. The company stated that DNSimple was not targeted but was affected by the DDoS attack after domains already under attack were delegated to the company. Source: http://www.securityweek.com/dnsimple-suffers-downtime-due-25-gbps-ddos-attack

December 3, Softpedia – (International) LastPass master password can be decrypted. Researchers presenting at the DefCamp 2014 conference during the November 29-30 weekend demonstrated how an attacker could use a man-in-the-middle (MitM) attack to trick users into running a malicious payload that could expose LastPass password manager passwords under certain conditions. Source: http://news.softpedia.com/news/Saving-LastPass-Master-Password-Locally-Is-A-Bad-Idea-466472.shtml

December 3, The Register – (International) Iranian CLEAVER hacks through airport security, Cisco boxen. Researchers with Cylance published a report on a suspected Iranian hacking group that has compromised a variety of targets including government and military systems, telecommunications companies, research facilities, airports, defense contractors, and utilities in a campaign dubbed Operation Cleaver. The researchers stated that the group compromised critical infrastructure assets and Cisco networking equipment but did not engage in manipulation of those systems. Source: http://www.theregister.co.uk/2014/12/03/operation_cleaver/

December 3, The Register – (International) Firmware update kills Lenovo Home Media Network HDDs. Here’s how to resurrect them. Lenovo stated that it was responding to customer reports of a firmware update causing its Home Media Network Hard Drive to fail to restart after installation of the update. Source: http://www.theregister.co.uk/2014/12/03/lenovo_firmware_drives/

December 2, Softpedia – (International) Lizard Squad announces DDoS attacks for Christmas time. Attackers claiming to be the Lizard Squad hacking group claimed responsibility for conducting a distributed denial of service (DDoS) attack against the Xbox Live network after users complained December 1 that they experienced issues connecting to the network. Source: http://news.softpedia.com/news/Lizard-Squad-Announces-DDoS-Attacks-for-Christmas-Time-466354.shtml

December 3, South Florida Business Journal – (Florida) Former TigerDirect executives plead guilty to fraud. Two former senior executives at Miami-based electronics retailer TigerDirect pleaded guilty December 2 to securities and tax fraud charges in a $9.5 million bribery scheme that involved kickbacks from suppliers and concealing taxable income. Source: http://www.bizjournals.com/southflorida/news/2014/12/03/former-tigerdirect-executives-plead-guilty-to.html

December 3, Securityweek – (International) New “LusyPOS” malware uses Tor for C&C Communications. CBTS researchers analyzed a new variant of malware dubbed LusyPOS that uses the Tor network for its command and control (C&C) communications and a technique known as RAM scraping to collect payment card data from infected systems. The malware is similar to the ChewBacca variant which was used to steal payment data from several dozen retailers in the U.S. and other countries. Source: http://www.securityweek.com/new-lusypos-malware-uses-tor-cc-communications
