Skip to content

Gotham Security Daily Threat Alerts

by on July 25, 2016

July 22, Softpedia – (International) Decrypter available for ODCODC ransomware. Security researchers from BloodyDolly released a decrypter for the ODCODC ransomware that circumvents ODCODC’s RSA-2048 encryption to recover the victim’s files without paying the ransom. Source

July 21, SecurityWeek – (International) Persistent XSS patched in WooCommerce WordPress plugin. WooCommerce released version 2.6.3 of its ecommerce plugin for WordPress addressing a persistent cross-site scripting (XSS) vulnerability after a researcher from Securify discovered an attacker could exploit the flaw to steal session tokens or a victim’s login credentials by creating a special image file containing malicious JavaScript code in the metadata that injects the code into a targeted Website when an administrator uploads the malicious image as a product image or gallery item. Source

Above Reprinted from the USDHS Daily Open Source Infrastructure Report

From → Security

Comments are closed.

%d bloggers like this: