Skip to content

Gotham Technology Daily Threat Alerts

by on July 31, 2015

July 30, The Register – (International) Cisco IOS-XE update time: squash that DoS bug. Cisco released a patch for a vulnerability In its IOS-XE operating system (OS) in which an attacker could cause a denial-of-service (DoS) condition by sending a series of Internet Protocol version 4 (IPv4) or IPv6 fragments designed to trigger an error message. Source

July 30, Help Net Security – (International) More than a third of employees would sell company data. Loudhouse released results from a survey on enterprise security practices polling over 500 Internet technology (IT) decision-makers and 4,000 employees across the U.S., Europe, and Australia, revealing that 25 percent of employees polled would sell company data for less than $8,000, citing the ready access most employees have access to valuable data, among other findings. Source

July 30, Help Net Security – (International) Most malvertising attacks are hosted on news and entertainment Web sites. Bromium Labs released an analysis of malware evasion technology revealing that over 50 percent of malware is hosted on news and entertainment Web sites, and reported an 80 percent increase in new ransomware families since 2014, among other findings. Source

July 29, Securityweek – (International) Shellshock flaw still actively exploited: Solutionary. Solutionary’s Security Engineering Research Team released findings from a report revealing that the Shellshock bug discovered in 2014 has been actively exploited by threat actors, identifying about 600,000 Shellshock-related events from over 25,000 Internet Protocol (IP) addresses, mostly in the U.S. Researchers noted that education organizations were the most targeted, among other findings. Source

July 29, IDG News Service – (International) Maliciously crafted MKV video files can be used to crash Android phones. Security researchers from Trend Micro discovered a vulnerability in the Android operating system’s (OS) mediaserver component in which an attacker could use a malformed Matroska video container (MKV) file to crash and render a device unusable. Source

From → Security

Comments are closed.

%d bloggers like this: