Gotham Security Daily Threat Alerts

by on January 12, 2015

January 9, Softpedia – (International) Andromeda botkit used for Bitcoin mining purpose. Fortinet researchers observed attackers using an older, cracked version of the Andromeda botnet malware to deliver Bitcoin mining software to compromised computers. The malware is version 2.06 of Andromeda and can also download additional modules and updates from the attackers’ command and control servers. Source

January 9, Threatpost – (International) Schneider patches buffer overflow in Wonderware server. Schneider Electric issued a patch for its Wonderware InTouch Access Anywhere Server v10.6 and v11 that closes a remotely exploitable buffer overflow vulnerability. The software is used in industries including the chemical, energy, manufacturing, and water utility sectors. Source

January 9, Softpedia – (International) Unauthorized root command execution possible in ASUS routers. A researcher reported a vulnerability in ASUS routers where a firmware service could be used by attackers with access to the network to reconfigure the router. Source

January 9, Help Net Security – (International) OpenSSL release patches 8 vulnerabilities. The OpenSSL Project released updates for its open-source library, closing eight vulnerabilities including two that could be used for denial of service (DoS) attacks. Source

January 8, Softpedia – (International) vBulletin warns of vBSEO vulnerability. The developers of vBulletin informed users of the now-defunct vBSEO search engine optimization product that a security vulnerability exists in vBSEO and offered a solution for the issue. Source

January 8, Dark Reading – (International) Banking trojans disguised as ICS/SCADA software infecting plants. A researcher with Trend Micro identified 13 varieties of banking malware disguised as legitimate industrial control systems (ICS) software updates from Siemens, GE, and Advantech. The researcher stated that he first identified the attacks in October and that they originate as spearphishing attempts or drive-by download attacks. Source

