Gotham Security Daily Threat Alerts

by on May 4, 2015

May 1, Securityweek – (International) Security bug in ICANN portals exploited to access user data. The Internet Corporation for Assigned Names and Numbers (ICANN) released April 30 initial findings from an investigation revealing that a vulnerability in two of the organization's generic top-level domain (gTLD) portals had resulted in the exposure of 330 advanced search result records pertaining to 96 applicants and 21 registry operators since April 2013. The organization plans to contact both the affected users and those who exploited the vulnerability to access the records. Source

May 1, Help Net Security – (International) Unnoticed for years, malware turned Linux and BSD servers into spamming machines. Security researchers at ESET discovered that servers running BSD and Linux operating systems (OS) worldwide have been targeted for the past 5 years by a group that compromised systems via a backdoor trojan that would use a commercial automated e-mail distribution system to send out anonymous emails. Source

May 1, Threatpost – (International) Dyre banking trojan jumps out of sandbox. Security researchers at Seculert discovered a new strain of the Dyre banking trojan, called Dyreza, that evades detection by checking the number of processor cores on an infected machine and terminating itself if there is only one. The researchers also noted that the new strain changed to a new user agent and included other minor updates to avoid signature-based detection products. Source

April 30, Threatpost – (International) MySQL bug can strip SSL protection from connections. Researchers at Duo Security identified a serious vulnerability in how versions of Oracle’s MySQL database product handle requests for secure connections: an attacker could use a man-in-the-middle (MitM) attack to force an unencrypted connection and intercept unencrypted queries from the client to the database. The attack could occur regardless of whether the server is set to require Secure Sockets Layer (SSL). Source
