Skip to content

Gotham Security Daily Threat Alerts

by on December 19, 2014

December 18, Securityweek – (International) Serious vulnerabilities found in Schneider Electric’s ProClima solution. An advisory from the Industrial Control Systems Computer Emergency Response Team (ICS-CERT) December 16 warned that five vulnerabilities in the Schneider Electrica ProClima thermal management software were identified and reported by researchers and could be remotely exploited. The software is used in industries such as manufacturing, energy, and commercial facilities and affects ProClima versions 6.0.1 and earlier. Source

December 18, Securityweek – (International) “USBdriveby” emulates mouse and keyboard to hijack computers. A researcher demonstrated an attack method known as USBdriveby that can use a USB-based microcontroller to emulate a mouse and keyboard to run several tasks including disabling security measures, opening backdoors, and changing DNS settings due to many systems trusting USB devices by default. The researcher tested the method on an OS X device but believes that it can be used on Windows and Unix operating systems, and the source code and operations for the attack were made public. Source

December 18, Help Net Security – (International) ICANN systems breached via spear-phishing emails. The Internet Corporation for Assigned Names and Numbers (ICANN) stated December 16 that it was compromised via spearphishing emails during November and attackers were potentially able to access Centralized Zone Data System (CZDS) files and salted and hashed user information and credentials. ICANN deactivated all CZDS passwords as a precaution and notified all potentially affected users. Source

December 18, Softpedia – (International) Syrian Electronic Army hacks website of International Business Times. Hacktivists claiming affiliation with the Syrian Electronic Army group claimed responsibility for defacing the Web site of the International Business Times December 17. Source

December 18, Help Net Security – (International) Researcher publishes JavaScript DoS tool. A researcher with WhiteHat Security published a prototype denial of service (DoS) attack script named FlashFlood written in JavaScript December 16. The code could be used by attackers in DoS attacks or to trick victims into executing the code. Source

December 18, Help Net Security – (International) Ars Technica readers urged to change passwords in wake of hack. Ars Technica advised its registered readers to change their passwords as a precaution after an attacker briefly gained access to one of the site’s Web servers December 14. The site stated that the attacker may have been able to access hashed email addresses and passwords. Source

December 17, Securityweek – (International) Backdoor found in Android phones manufactured by Coolpad: Research. Researchers with Palo Alto Networks reported that at least 24 models of Android devices manufactured by Coolpad contained a backdoor that could active applications, install unwanted applications, and upload device information and location data. Source

December 17, Securityweek – (International) Xsser malware targeting iOS, Android devices. Researchers with Akamai identified a new mobile remote access trojan (mRAT) known as Xsser that is spread through phishing and man-in-the-middle (MitM) attacks and can steal credentials, execute code, and hijack browser sessions on Android and iOS devices. The researchers found that the mRAT is being used by an organized group currently targeting specific devices and software vendors, software-as-a-service (SaaS) providers, and Internet service providers mainly in Asia. Source

From → Security

Comments are closed.

%d bloggers like this: