Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On October 26, 2016

October 25, SecurityWeek – (International) Android root exploits abuse Dirty COW vulnerability. Security researchers found that the Dirty COW Linux kernel vulnerability disclosed the week of October 17 can be exploited by a local attacker to escalate privileges to root on Android devices running a Linux kernel higher than 2.6.22, and to compromise an entire system by altering the copy-on-write cache provided by the kernel to change what the system and apps see when reading the affected files. NowSecure researchers stated that, in order to exploit the vulnerability, an attacker must run code on the device via the Android Debug Bridge (ADB) over universal serial bus (USB) or by installing an app that leverages the exploit. Source

October 25, SecurityWeek – (International) Researchers leverage voicemail flaw to compromise messaging apps. InTheCyber security researchers discovered that a voicemail caller-ID spoofing flaw could be leveraged to steal activation codes sent by messaging applications such as Telegram, WhatsApp, and Signal and to compromise accounts. They found that an automated call leaves the account activation code in a user’s voicemail if the code sent via text message is not promptly entered into the app. Once the activation code has reached a victim’s voicemail, the attacker can spoof their caller ID to impersonate the victim in order to access the targeted voicemail and activation code. Source

October 24, SecurityWeek – (International) Russian man accused of hacking LinkedIn, Dropbox. A Russian national was arrested in the Czech Republic October 5 and indicted on Federal charges in the U.S. October 21 for his alleged role in the 2012 LinkedIn, Formspring, and Dropbox breaches. Officials reported that the Dropbox hack has affected more than 68 million accounts and all 3 hacks were carried out after attackers stole employee credentials. Source

Above Reprinted from the USDHS Daily Open Source Infrastructure Report

October 26, DarkReading – Chinese Firm Defends Webcam Security After DDoS Attacks. Hangzhou Xiongmai Technology says devices sold in the US before April 2015 will be recalled after attack on Dyn servers. China's Hangzhou Xiongmai Technology, which has issued a recall for thousands of webcams sold in the US that were used in a massive distributed denial of service (DDoS) attack on the servers of US-based internet company Dyn, said the hacks occurred because customers didn't change the default password, according to the AP. Source

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.