Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On August 18, 2015

August 17, Securityweek – (International) Alerts issued for zero-day flaws in SCADA systems. The Industrial Control Systems Computer Emergency Response Team (ICS-CERT) published six advisories after security researchers from Elastica discovered several remote and local file inclusion, weak password hashing, insecure authentication, hardcoded credentials, weak cryptography, and cross-site request forgery (CSRF) vulnerabilities, among others, affecting Web-based Supervisory Control and Data Acquisition (SCADA) human machine interfaces (HMI) used by multiple organizations. Source

August 17, Securityweek – (International) BitTorrent flaws can be exploited for DRDoS attacks: researchers. Security researchers reported that malicious actors could exploit vulnerabilities in BitTorrent’s Micro Transport (uTP), Distributed Hash Table (DHT), and Message Stream Encryption (MSE) protocols as well as its Sync tool to reflect and amplify traffic via distributed reflective denial-of-service (DRDoS). Source

August 17, Securityweek – (International) Exploit for OS X zero-day published by researcher. A security researcher published a proof of concept (PoC) for a local privilege escalation vulnerability in Apple’s OS X Yosemite dubbed “tpwn”, which could be executed by leveraging two security bugs to gain root privileges using a specially crafted file. Source

August 15, Softpedia – (International) Administrators continue to fail in securing databases by using proper configs. Security researchers from BinaryEdge released analysis of 4 technologies including Redis, MongoDB, Memcached, and ElasticSearch, revealing that almost 1.2 petabytes (PB), or 1,175 terabytes (TB) of data were vulnerable due to administrators’ use of default configurations that do not block connections from untrusted external actors. Source

August 16, Charlottesville Daily Progress – (Virginia) UVa board hears about cyberattack, faculty hiring progress. University of Virginia officials restored the school’s computer network August 16 after shutting it down August 14 due to a cyber-security threat that targeted the personal email accounts of 2 university employees. Faculty, students, and staff were urged to change their passwords after the network was brought back online. Source

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.