Skip to content

Gotham Security Daily Threat Alerts

by on January 15, 2015

January 14, Securityweek – (International) Adobe updates Flash Player to fix 9 vulnerabilities. Adobe released updates for its Flash Player product January 13, closing nine critical vulnerabilities, including vulnerabilities that could be exploited to perform arbitrary code execution. Source

January 14, Softpedia – (International) Free tool searches GitHub for sensitive company data. A researcher with SoundCloud created a tool dubbed GitRob that can search companies’ GitHub code repositories to identify sensitive files that may have been inadvertently added to GitHub. Source

January 14, Softpedia – (International) Apache patches Qpid message broker against DoS condition. The developers of the Apache message broker software Qpid released a patch January 13 that closes a denial of service (DoS) condition that could be caused by unexpected protocol sequences leading to sudden termination of Qpid processes. Source

January 14, Securityweek – (International) Mozilla fixes 9 vulnerabilities in Firefox 35. Mozilla released version 35 of its Firefox browser January 13, which includes new features and functions as well as fixes for 9 security vulnerabilities, 3 of which were rated as critical. Source

January 14, Softpedia – (International) Notepad++ releases “Je suis Charlie” edition, website gets defaced. Attackers identifying as the Fallaga Team claimed responsibility for defacing the Web site of open source text editor Notepad++. Source

January 13, Securityweek – (International) Microsoft patches critical Windows security vulnerability. Microsoft released its monthly round of Patch Tuesday updates January 13, closing a critical security vulnerability in Windows’ Telnet Service that could allow an attacker to remotely execute code on affected Windows servers, among seven other patches. Source

January 13, Softpedia – (International) Siemens patches SIMATIC WinCC apps for iOS against password-related flaws. Siemens released an update for the iOS version of its SIMATIC WinCC Sm@rt Client product for industrial control systems (ICS) which closes a vulnerability that could allow attackers to gain access to sensitive information from the app. Source

January 14, Softpedia – (International) Remote overlay attack toolkit targets Brazilian bank customers. Researchers with Trusteer analyzed a piece of remote desktop connection banking malware dubbed KL-Remote being offered for sale on Brazilian underweb markets which includes the ability for attackers to manually intervene and collect online banking information and conduct transactions when users with infected systems visit banking Web sites. Source

 

From → Security

Comments are closed.

%d bloggers like this: