Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Training
On January 14, 2015

January 13, Securityweek – (International) Google discloses new unpatched Windows 8.1 privilege escalation flaw. Researchers with Google disclosed a privilege escalation flaw in Windows 8.1 January 11 and released a proof of concept (PoC) for the vulnerability. Researchers confirmed that the vulnerability also affects Windows 7. Source

January 13, Securityweek – (International) Unpatched security flaws impact Corel software products. Core Security researchers released information on DLL hijacking vulnerabilities that could allow attackers to execute arbitrary commands in Corel DRAW, Photo Paint X7, PaintShop Pro X7, CAD 2014, Painter 2015, PDF Fusion, VideoStudio Pro X7, and Fast Flick products. The researchers initially identified and reported the vulnerabilities in December. Source

January 13, Softpedia – (International) Wall charger steals keystrokes from Microsoft wireless keyboards. A security researcher developed a device dubbed KeySweeper that is a wall charger modified to intercept and transmit keystrokes from a nearby Microsoft keyboard using an RF chip, the keyboard’s communications frequency, and a 2G SIM card with SMS support. Source

January 13, The Register – (International) Crayola red-faced after yellow-belly Facebook hijackers post blue jokes. Crayola stated that it regained control of its Facebook account January 11 after unknown attackers took control of it and posted inappropriate content. Source

January 13, The Register – (International) Insert ‘Skeleton Key’, unlocks Microsoft Active Directory. Simples - hackers. Dell SecureWorks researchers identified a piece of malware known as Skeleton Key that can bypass authentication on Microsoft Active Directory (AD) systems, allowing attackers to authenticate as any corporate user. The malware must be redeployed when a domain controller is restarted and requires domain administrator credentials for initial deployment. Source

January 12, Securityweek – (International) Number of IE vulnerabilities fixed by Microsoft doubled in 2014: Report. ESET released a report on vulnerabilities closed by Microsoft in 2014 and found that the majority of the vulnerabilities affected the Internet Explorer browser. The report stated that 7 out of 240 security vulnerabilities were zero-days exploited by attackers before they were patched, and that the total number of Internet Explorer vulnerabilities doubled compared to 2013, among other findings. Source

January 12, The Register – (International) Malware coders adopt DevOps to target smut sites. A researcher with ESET reported that the attackers behind the Windigo malware campaign, which infected around 25,000 Unix and Linux servers since 2013, began making several changes to the malware and their targets in response to security researchers' efforts to combat it. The changes include switching exploit kits and restricting targets to smaller adult content Web sites in order to avoid attention. Source

January 12, Washington Post – (International) U.S. military social media accounts apparently hacked by Islamic State sympathizers. The U.S. Central Command (CENTCOM) announced January 12 that its military networks were not compromised and there was no operational impact to CENTCOM after hackers claiming allegiance to the Islamic State took control of CENTCOM’s Twitter and YouTube accounts and posted threatening messages and propaganda videos, along with military documents. Both accounts were taken offline and authorities are investigating. Source


Nancy Rand


Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.