Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On December 08, 2016

December 7, SecurityWeek – (International) Windows 10 Creators Update brings new security capabilities. Microsoft reported that the Windows 10 Creators Update, which is scheduled to be released in the spring of 2017, will include several security enhancements: improved detection, intelligence, and remediation capabilities in Windows Defender Advanced Threat Protection (ATP); a feature that will link the Windows Security Center to Office 365 ATP to allow administrators to track a threat across endpoints and email; and expanded ATP sensors to detect kernel-level exploits and threats that occur only in memory, among other updated features.

December 7, SecurityWeek – (International) Locky variant Osiris distributed via Excel documents. BleepingComputer security researchers discovered that the Locky ransomware began appending the .osiris extension to encrypted files, while leveraging malicious Microsoft Excel spreadsheets for distribution. The Excel documents are hidden inside ZIP archives attached to spam emails disguised as invoices, and contain macros that, once enabled, download and install Locky on a victim’s device.

December 6, SecurityWeek – (International) Google patches 74 vulnerabilities in Android. Google released its December 2016 Android Security Bulletin, which includes patches for a total of 74 vulnerabilities: 11 critical flaws, 43 high-severity flaws, and 20 medium-risk vulnerabilities. The critical flaw patches include a fix for the Dirty COW vulnerability, as well as an elevation of privilege vulnerability in the kernel memory subsystem affecting Pixel C, Pixel, and Pixel XL devices, and elevation of privilege issues in the NVIDIA GPU driver, kernel, kernel ION driver, and the Qualcomm Mobile Station Modem (MSM) interface, among other patched flaws.

December 6, SecurityWeek – (International) Flash Player remains main target of exploit kits: report. Threat intelligence firm Recorded Future released a report based on an analysis of 141 exploit kits (EKs), which found that Adobe Flash Player, Microsoft Windows, Internet Explorer, and Silverlight were the main targets of EKs in 2016. Flash Player accounted for 6 of the top 10 flaws leveraged by EKs. An Internet Explorer flaw tracked as CVE-2016-0189, which was integrated into several EKs including Sundown, Neutrino, and RIG, was the most referenced vulnerability on security blogs and dark websites.

Above Reprinted from the USDHS Daily Open Source Infrastructure Report

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.