Skip to content

Gotham Security Daily Threat Alerts

by on September 10, 2015

September 9, Securityweek – (International) Microsoft patches Windows vulnerability exploited in the wild. Microsoft released security bulletins patching over 50 vulnerabilities, including a Win32k memory corruption flaw allowing privilege escalation that has been exploited in the wild, a kernel address space layout randomization (ASLR) bypass, a Windows Media Center remote code execution (RCE) vulnerability, a .NET Framework integer overflow, and a memory corruption flaw in the Edge and Internet Explorer Web browsers, among others. Source

September 9, Securityweek – (International) Adobe patches critical vulnerabilities in Shockwave Player. Adobe released an update addressing two critical memory corruption vulnerabilities in its Shockwave Player for Microsoft Windows versions and earlier that could allow an attacker to take control of an affected system and execute malicious code. Source

September 9, Securityweek – (International) ICS flaw disclosures at high levels since Stuxnet attack: Report. Findings from a report published by Recorded Future revealed a dramatic increase in disclosed industrial control system (ICS) vulnerabilities since a 2011 Stuxnet attack targeting Iran’s nuclear facilities, including almost 50 new vulnerabilities discovered in 2015 through mid-July. Source

September 8, Securityweek – (International) NETGEAR patches vulnerability in Wireless Management System. NETGEAR released a firmware update addressing a vulnerability in its WMS5316 ProSafe 16AP Wireless Management System running version (Build 1236) in which an attacker could gain unauthorized access and privilege escalation by including a specific symbol in the password value for the system’s login. Source

September 8, Securityweek – (International) Researcher discloses zero-day flaws in Advantech WebAccess. A security researcher discovered seven zero-day stack-based buffer overflow vulnerabilities affecting Advantech’s WebAccess software versions 8.0 and earlier used in human-machine interfaces (HMI) and supervisory control and data acquisition (SCADA) systems which an attacker could exploit for remote code execution. Source

September 8, SC Magazine – (International) Verified Play Store apps found to be spreading MKero malware. Security researchers from Bitdefender discovered malware dubbed MKero present in at least seven Google Play Store apps that uses a CAPTCHA translation service that evades detection to automatically sign users up for a premium short message service (SMS). Source

September 8, Help Net Security – (International) Vulnerabilities in WhatsApp web affect 200 million users globally. WhatsApp patched a vulnerability discovered by Check Point researchers that could potentially allow hackers to execute malware on the devices via sending the user a malicious vCard contact card containing an executable file ordering it to distribute ransomware, bots, remote access tools (RAT), and other types of malicious codes. Source

September 8, Securityweek – (International) Webroot, Avira patch flaws in mobile security apps. Webroot and Avira Mobile Security released separate patches addressing vulnerabilities including, a secure sockets layer (SSL) certificate vulnerability for Webroot Mobile Protection for iOS versions 1.10.316 and prior that could have allowed a man-in-the-middle (MitM) attacker to obtain usernames, passwords, and other sensitive information. Avira Mobile Security patched a vulnerability on versions 1.5.7 and prior that allowed a MitM attacker to capture login information via an HTTP POST request. Source

September 7, Securityweek – (International) Kaspersky patches critical vulnerability in antivirus products. Kaspersky Lab released an update addressing a flaw affecting 2015 – 2016 versions of its antivirus products related to a buffer overflow vulnerability affecting the application’s default configuration that could allow a successful exploit. A security researcher identified several vulnerabilities in FireEye products, including a command injection and login bypass bug that is being addressed by FireEye officials. Source

September 7, SC Magazine – (International) Ransomware risk from over 140 million websites, researchers warn. Security researchers found that hackers were using the Neutrino Exploit Kit (EK) to inject malicious scripts into outdated Webserver software that could potentially impact 400 million users that use 142 million legitimate Web sites running out of date versions of the WordPress content management system or outdated plugins. Source

September 7, Softpedia – (International) Android pornography app takes pictures of users and blackmails them for cash. Zscaler researchers discovered an Android app dubbed Adult Player that is used as a platform to deliver ransomware to mobile device users by secretly taking the user’s picture while it loads an Android application package (APK) file where the malware code is hosted. The photograph is used inside the ransom message. Source

September 5, Softpedia – (International) Mozilla bug tracker hacked, data about Firefox vulnerabilities stolen. Mozilla’s bug tracker, Bugzilla, forced users with access to the bug tracker’s private section to change their passwords while cutting down access to the section after engineers found that the bug tracking application was compromised, and that an attacker used a privileged account to gain access to information about unpatched Firefox vulnerabilities. Source

From → Security

Comments are closed.

%d bloggers like this: