Skip to content

Gotham Security Daily Threat Alerts

by on June 19, 2015

June 18, Help Net Security – (International) Reddit announces switch to HTTPS-only. Reddit Web site developers reported that starting June 29, the site will only be accessible over hypertext transfer protocol secure (HTTPS) encrypted connections served via the company’s CloudFlare content delivery network (CDN). Source

June 18, Securityweek – (International) Drupal security updates patch several vulnerabilities. Drupal developers released updates patching open redirect, information disclosure, and access bypass vulnerabilities in versions 6 and 7 of its open source content management software (CMS). Source

June 17, Help Net Security – (International) Unpatched OS X, iOS flaws allow password, token theft from keychain, apps. Researchers from three universities identified critical inter-app interaction services and cross-app resource access (XARA) vulnerabilities in Apple’s OS X and iOS platforms in which an attacker could use sandboxed malware to bypass protections and steal confidential information from affected devices. Source

June 17, CNN – (National) OPM inspector general questioned over hacking report. The U.S. Office of Personnel Management’s (OPM) inspector general released testimony to the House Oversight Committee June 15 revealing that large portions of OPM’s critical and sensitive databases had failed to meet Federal security standards in audits completed months before the breach all the way back to 2007. Source

From → Security

Comments are closed.

%d bloggers like this: