Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On December 15, 2015

December 14, SecurityWeek – (International) Twitter warns users of state-sponsored hacking. Twitter reported December 14 that its customers’ user names, Internet Protocol (IP) addresses, phone numbers, and email addresses may have been compromised after a potential state-sponsored attack on its systems. Twitter officials advised users to use Tor Project, software that enables anonymous communication, to protect affected users on social networks. Source

December 12, Softpedia – (International) Malware spread via The Guardian’s article on cybercrime. Researchers from FireEye discovered that a report about cybercrime, hosted on The Guardian’s website, had a flaw in one of its links that redirected users to an Angler Exploit Kit installation, which would search targets’ personal computers (PCs) for CVE-2014-6332, a Windows Object Linking and Embedding (OLE) Automation remote code execution vulnerability triggered through VBScript. The Guardian is working to patch the vulnerability. Source

December 11, Softpedia – (International) FireStorm vulnerability leaves next-gen enterprise firewalls open to attacks. Security researchers from Bugsec Group and Cynet reported a vulnerability, dubbed FireStorm, that can exhaust enterprise-grade firewalls and extract data out of corporate networks via Transmission Control Protocol (TCP) synchronize (SYN) packets. Because it avoids a full TCP connection, the connection type, source, or target can be disguised from corporate firewalls. Source

December 14, SecurityWeek – (International) Wireless routers plagued by unpatched flaws. Security researchers from Ethical Reporting discovered that wireless SOHO routers from ZyXEL, Belkin, ReadyNet, Amped Wireless, Buffalo, and Netgear had several unpatched vulnerabilities, including authentication bypass flaws, remote code execution flaws, default credential flaws, and DNS spoofing flaws, among others, that can allow attackers to access potentially sensitive application program interfaces (APIs) and alter an infected device’s settings. Source

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.