Skip to content

Gotham Security Daily Threat Alerts

by on June 22, 2016

June 20, SecurityWeek – (International) Cybercriminals use new tricks in phishing attacks. Sucuri researchers reported that phishing attacks were increasing and cyber attackers were using new techniques to avoid detection after discovering that attackers were leveraging hosting providers’ failures to properly configure temporary Uniform Resource Locators (URLs), which were offered to users to test their Web sites before linking them to separate domains. An attacker can register an account on a shared server, upload their phishing pages, and compile a list of other Web sites on that server, which enables hackers’ access from any neighboring domain names. Source

June 20, PC World – (International) Acer security breach exposes data of 34,500 online shoppers. Acer Inc., reported that its online store was compromised after a hacker leaked 34,500 customers’ data including customer names, addresses, and credit card numbers with expiration dates and CVC security codes from May 2015 – April 2016. The breach was considered a security issue when the company inadvertently stored customer data in an unsecured format. Source

Above Reprinted from the USDHS Daily Open Source Infrastructure Report

Dark Reading, June 22- ‘Hack The Pentagon’ Paid 117 Hackers Who Found Bugs In DoD Websites. Defense Department’s historic bug bounty pilot yields 138 valid reports of vulnerabilities, most of which were fixed within two days. The Defense Department’s historic bug bounty pilot program uncovered nearly 140 previously unknown vulnerabilities in public DoD websites and yielded participating hackers payments of anywhere from $100 to $15,000. DoD earlier this year launched the government’s first-ever program for paying rewards to white-hat hackers for legitimate vulnerabilities, dubbed “Hack The Pentagon.” The pilot program ran from April 18 to May 12 of this year, and allowed vetted hackers to hunt for bugs in DoD public websites for possible prize money. Source


From → Security

Comments are closed.

%d bloggers like this: