Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On August 22, 2016

August 18, SecurityWeek – (International) Flaws in smart sockets expose networks to remote attacks. Bitdefender researchers reported that a popular brand of smart electrical sockets is plagued with serious vulnerabilities that could be exploited by a remote attacker who knows the device’s media access control (MAC) address and default password to take control of the device, make configuration changes, and obtain user information. The researchers found that the socket’s hotspot is protected by default credentials and users are not advised to strengthen them; that the mobile app transfers Wi-Fi credentials in clear text, which could allow an attacker to intercept the information; and that communications between the device and the application go through the manufacturer’s server without being encrypted, among other flaws. Researchers stated a patch for the flaws is expected to be released in the third quarter of 2016. Source

August 18, Softpedia – (International) Global phishing numbers rise as hosting firms fail to respond. Cyren released its Cyberthreat Report, which analyzed global phishing operations and found that the total number of malicious phishing Uniform Resource Locators (URLs) spread on the Internet increased by 14 percent in the second quarter of 2016 to 4.44 million. The report also revealed that 20 percent of all phishing pages disappear after 3 hours, with only 40 percent of all pages lasting more than 2 days. It further states that Google Chrome and Mozilla Firefox are the quickest to identify phishing pages and malicious sites: Chrome detected 73.9 percent of phishing pages within 48 hours, and Firefox marked 52.2 percent of the sites. Source

August 18, SecurityWeek – (International) Locky ransomware reverts to malicious macros. FireEye researchers discovered that the Locky ransomware reverted to using Microsoft Office documents embedded with malicious macros to distribute the malware to individuals and organizations in the health care, telecommunications, and transportation industries. Researchers reported that the DOCM files install the ransomware onto a victim’s device once the malicious macros are enabled. Source


Above Reprinted from the USDHS Daily Open Source Infrastructure Report

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.