Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On July 14, 2015

July 13, Securityweek – (International) APT group uses Seaduke trojan to steal data from high-value targets. Security researchers from Symantec released an analysis of the highly configurable Seaduke trojan used by an advanced persistent threat (APT) group known for cyber-espionage attacks against high-value targets including government organizations. The report revealed that the trojan is installed onto select systems through the CozyDuke trojan, and that it shares similarities with other “Duke” malware. Source

July 13, Securityweek – (International) Java zero-day used in attacks on NATO member, U.S. defense organization. Security researchers at Trend Micro reported that the cyber-espionage group with monikers including Pawn Storm and APT28 was using an Oracle Java SE zero-day remote code execution vulnerability in attacks directed against the armed forces of a NATO member country as well as a U.S. defense organization. The group sent out emails containing links to malicious domains hosting the exploit and a trojan dropper. Source

July 13, Securityweek – (International) Two new Flash Player zero-day bugs found in Hacking Team leak. Security researchers discovered exploits for two additional Adobe Flash Player zero-day vulnerabilities in the recent Hacking Team data leak, including a flaw in the DisplayObject class in ActionScript 3, and a use-after-free (UAF) vulnerability in the ActionScript 3 BitmapData object. Both vulnerabilities allow a remote, unauthenticated attacker to execute arbitrary code on an affected system. Source

July 10, Nextgov – (National) Not just OPM – agency cybersecurity incidents on the rise. A report released by the Government Accountability Office July 8 showed both cyber and non-cyber security breaches affecting Federal systems have steadily increased from 6,000 in 2006 to 67,000 in 2014. The report advocated risk-based cybersecurity programs and improved responses to security incidents. Source

July 13, WXYZ 7 Detroit – (Michigan) Cable provider WOW says weekend attack on servers left Michigan customers without internet service. Metro Detroit customers of WOW, an Internet, cable and phone service provider, experienced an Internet outage during the weekend of July 11 due to an attack on the Domain Name Server. Crews repaired the issue July 13 and most customers have internet service. Source

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.