Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On October 14, 2016

October 13, SecurityWeek – (International) Attackers actively exploit recently patched BIND flaw. The Internet Systems Consortium (ISC) reported that it learned a high severity denial-of-service (DoS) vulnerability patched in the Domain Name Server (DNS) software BIND was exploited in the wild to crash servers after Infobyte security researchers published a proof-of-concept (PoC) code and Metasploit module demonstrating the attack. Source

October12, SecurityWeek – (International) Cerber 4.0 fuels new wave of ransomware attacks. Trend Micro security researchers reported that the latest variant of the Cerber ransomware, dubbed Cerber 4.0 was being dropped by the RIG, Neutrino, and Magnitude exploit kits (EK) in malvertising campaigns. Researchers also found Cerber 4.0 uses a randomly generated file extension, and has shifted from a Hypertext Markup Language (HTML) ransom note to an HTML Application (HTA) format. Source

Above Reprinted from the USDHS Daily Open Source Infrastructure Report

Nancy Rand

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.