Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On January 07, 2016

January 6, SecurityWeek – (International) Linode resets user passwords after breach. Linode reported that it reset customers’ Linode Manager passwords after discovering that a massive distributed denial-of-service (DDoS) attack had been launched against its website, data centers, and Domain Name System (DNS) infrastructure, along with multiple volumetric attacks targeting its authoritative nameservers and public websites, and that user credentials in the company’s database may have been compromised. The exposed database included usernames, email addresses, password hashes, and encrypted two-factor authentication seeds. Source

January 6, SecurityWeek – (International) Researchers publish default passwords for ICS products. The SCADA StrangeLove research team released a list of default credentials for industrial control system (ICS) products from various vendors, including industrial routers, programmable logic controllers (PLCs), and wireless gateways, among other products, to show that default passwords can pose a serious vulnerability for systems if remotely accessed. The team reported that vendors should implement proper security controls, such as establishing password strength policies and forcing users to change passwords on first login. Source

January 6, SecurityWeek – (International) Vulnerability exposed Blackphone to complete takeover. Silent Circle released updates for its privacy-focused Blackphone 1 mobile device that patched several security flaws, including a modem vulnerability that attackers can exploit to take control of the device’s functions. The flaw involves an open-access socket that interacts with an NVIDIA Icera modem binary named agps_daemon, which has elevated privileges, to communicate directly with the Blackphone modem and record anything it receives to the ttySHM3 port. Attackers with shell user privileges could send commands to the modem to exploit the flaw. Source

January 5, Softpedia – (International) Author of Linux.Encoder fails for the third time, ransomware is still decryptable. Researchers from Bitdefender reported that a Linux.Encoder decryption tool was available for free following the discovery of a third version of the Linux.Encoder malware, which has infected about 600 servers. The ransomware targets web servers and looks to encrypt files used in web hosting and web development environments. Source

January 6, Help Net Security – (International) Flaw in Comcast’s home security system lets burglars in without triggering alarm. A researcher at Rapid7 discovered a critical flaw in the Comcast XFINITY Home Security system that can allow burglars to enter homes without triggering the alarm by causing interference or deauthentication to the ZigBee-based communications protocol via commodity radio jamming equipment and software-based deauthentication attacks on the protocol itself. There are currently no patches for the flaw. Source

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.