
Gotham Security Daily Threat Alerts

by on March 27, 2015

March 26, Softpedia – (International) Microsoft revokes rogue digital certificate for Google and other web domains. Microsoft updated its Certificate Trust List (CTL) for Windows operating systems, and pushed automatic updates to revoke a certificate fraudulently issued by Egypt-based MCS Holdings. The fraudulent certificates affected several Google domains, as well as other domains, and left Windows users vulnerable to Web content spoofing, phishing, and man-in-the-middle (MitM) attacks. Source

March 26, Softpedia – (International) Apple customers lured to disclose Apple ID and card data. Security analysts at Bitdefender discovered a phishing scheme in which Apple device users are being targeted with emails that link to a hoax site requesting Apple ID credentials, personal information, payment card information, and a 3D Secure password. After users fill out the form, they are notified of a bogus two-factor authentication (2FA) process and are given an option to change their password. Source

March 26, Securityweek – (International) Cisco fixes DoS vulnerabilities in IOS software. Cisco Systems released security updates patching 16 vulnerabilities in IOS and IOS XE software components, including Autonomic Network Infrastructure (ANI), Common Industrial Protocol (CIP), multicast Domain Name System (mDNS), Transmission Control Protocol (TCP), Virtual Routing and Forwarding (VRF), and Internet Key Exchange version 2 (IKEv2). The vulnerabilities allowed remote, unauthenticated attackers to trigger denial-of-service (DoS) conditions on targeted systems. Source

March 25, Threatpost – (International) Default setting in Windows 7, 8.1 could allow privilege escalation, sandbox escape. A Google Security Project Zero researcher identified certain default authentication settings in Microsoft’s Windows versions 7 and 8.1 that could allow attackers to use cross-protocol NT LAN Manager (NTLM) reflection to attack a local Server Message Block (SMB) server and leverage Web Distributed Authoring and Versioning (WebDAV) to elevate privileges or escape application sandboxes. Microsoft urged users to implement Extended Protection for Authentication (EPA) to mitigate the vulnerability. Source

 

 
