Skip to content

Gotham Security Daily Threat Alerts

by on April 13, 2015

April 10, Softpedia – (International) OS X 10.9.x and older vulnerable to hidden backdoor API. A Swedish security researcher discovered a hidden backdoor application programming interface (API) present in the Admin framework of Apple OS X versions prior to 10.10.2 that could grant attackers root access to users with both admin and regular user accounts. Apple patched the issue in its release of OS X 10.10.3 Source

April 10, Softpedia – (International) United States, South Africa most affected by Changeup worm. A task force of European and American law enforcement organizations and private security companies including Intel, Kaspersky, and Shadowserver took action to disrupt the Changeup worm botnet and sinkhole its command-and-control (C&C) servers. The worm morphed every few hours and leveraged an LNK vulnerability in Windows to infect approximately 30,000 systems in early 2015, and downloaded other pieces of malware, including banking trojans, click-fraud programs, crypto-malware and other botnet threats. Source

April 9, Softpedia – (International) Multiple flaws found in Motorola’s Surfboard SBG6580 cable modem. Security researchers at Rapid7 discovered vulnerabilities in Motorola Home/ARRIS Surfboard SBG6580 series cable modems, including a backdoor account with hardcoded credentials and persistent cross-site scripting (XSS), and cross-site request forgery (CSRF) flaws that could allow attackers who know the internal gateway internet protocol (IP) address to access the device remotely, change network settings, and inject malicious JavaScript (JS) code. Source

April 9, Softpedia – (International) Cisco threat defense tool vulnerable to DoS attack. Cisco released a security advisory that a flaw in the company’s ASA FirePOWER and Context Aware (CX) Services can be exploited to allow attackers to cause denial-of-service (DoS) conditions by sending a high rate of crafted packets to the services’ management interface. Cisco released updates for the products addressing the issues, as well as three additional related glitches. Source

April 9, Softpedia – (International) Group uses over 300,000 unique passwords in SSH log-in brute-force attacks. Security researchers from Cisco Talos Group and Level 3 Communications collaborated to monitor and take down netblocks being used by a group of cybercriminals dubbed SSHPsychos to run large amounts of scamming traffic, utilizing a dictionary to find root user log-in credentials and install distributed denial-of-service (DDoS) rootkits that add compromised systems to a persistent DDoS botnet. Source

From → Security

Comments are closed.

%d bloggers like this: