Skip to content

Gotham Security Daily Threat Alerts

by on February 20, 2015

February 19, Softpedia – (International) Over 250,000 home routers found with duplicate SSH keys. A Shodan researcher discovered that mis-configuration of devices likely led over 250,000 home routers from Spain, 200,000 routers from mostly China and Taiwan, and 150,000 routers from the U.S. and Japan to share the same Secure Shell (SSH) keys, which could allow an attacker to gain access to any device with a single key. Researchers recommended disabling SSH connectivity in the router. Source

February 19, Reuters – (International) Lenovo to stop pre-installing controversial software. Errata Security researchers determined that Superfish adware pre-installed on Lenovo computers hijacks and throws open encrypted connections, allowing hackers to seize connections and listen in through man-in-the-middle (MitM) attacks. Lenovo disabled all Superfish software from its consumer computers and stopped pre-installing the software on its devices, but experts warned that systems could still be vulnerable even after uninstalling the software. Source

February 19, Softpedia – (International) DoubleFantasy is Equation group’s first attack wave. Kaspersky analysts discovered that hackers from the cyber-espionage group Equation developed the DoubleFantasy trojan, a tool used to verify the infected system as a target and a vehicle for installing more sophisticated attack tools that could steal usernames and passwords for Microsoft’s Internet Explorer and Mozilla’s Firefox Web browsers, Windows protected storage on versions up to Windows XP, and operating system authentication subsystems on Windows Vista and above. Multiple versions of the tool were discovered, and some were deployed to targets via a post-meeting compact disk from a 2009 scientific conference in Houston. Source

February 19, Information Week Dark Reading – (International) Superfish Compromises All SSL Connections On Lenovo Gear. More than just pre-installed adware on some Lenovo laptops, Superfish acts as a man-in-the-middle certificate authority, hijacking every SSL session the laptop makes. PC manufacturer Lenovo has confirmed that it had — between mid-2014 to mid-January — shipped laptops pre-loaded with the Superfish adware application. The problem with Superfish isn’t that it’s annoying adware. The problem is that it compromises the sanctity of all SSL connections a Lenovo client machine makes. (As though SSL didn’t have enough problems.) Source

February 19, CNN-IBN – Major lapses in currency printing kept under wraps, UPA government ignored national security. In a major security breach that could embarrass the previous Congress-United Progressive Alliance government, an internal enquiry report has revealed that certain security features were allegedly compromised during the printing of Indian currency, and the lapses were kept under wraps by senior officials working under Ministry of Finance. The incident took place in 2012 under the then UPA government. Source



From → Security

Comments are closed.

%d bloggers like this: