Skip to content

Gotham Security Daily Threat Alerts

by on July 13, 2016

July 11, Softpedia – (International) MIUI vulnerability affects millions of Xiaomi Android devices. Security researchers from IBM’s Security Intelligence team reported that a remote code execution (RCE) vulnerability exists in MIUI analytics component in versions prior to MIUI Global Stable 7.2 after researchers discovered that the self-update mechanism can be hijacked via a Man-in-the-Middle (MitM) attack and used to deliver malicious update packages. The analytics package uses Hypertext Transfer Protocol (HTTP) to query an update server for upgrades and downloads the update requests, allow attackers to watch for requests and use basic spoofing techniques. Source

July 11, Softpedia – (International) GootKit banking trojan receives massive update. Security researchers from IBM’s X-Force Research reported that the GootKit trojan, which targets banks internationally, has updated its source and mode of operation to avoid antivirus detection by changing its installation method to use scheduled tasks that run every minute, allowing the trojan to run with least-privilege user accounts (LUA) and administrator accounts. Source

Above Reprinted from the USDHS Daily Open Source Infrastructure Report

July 11, Dark ReadingNew ‘Ranscam’ Ransomware Lowers The Bar But Raises The Stakes. Cisco Talos researchers discover new variant that doesn’t decrypt your files after you pay up–it has already deleted them. Ransomware variants are multiplying like rabbits: while some are more sophisticated and tougher to combat, others are more about scamming than kidnapping. Take the new Ranscam malware discovered by Cisco’s Talos team, a low-tech but highly destructive attack that demands ransom from its victims but never returns them their files because it actually deleted them. Source

 

 

From → Security

Comments are closed.

%d bloggers like this: