Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On January 19, 2016

January 15, Help Net Security – (International) Flaw allows malicious OpenSSH servers to steal users’ private SSH keys. Researchers from Qualys reported two vulnerabilities, including an information disclosure flaw, in the OpenSSH implementation of the secure shell (SSH) protocol. The default client code can be tricked into leaking client memory to the server, allowing an attacker to extract users’ private cryptographic keys and pose as the owner of the SSH keys. Source

January 15, SecurityWeek – (International) Alleged author of MegalodonHTTP malware arrested. Norwegian officials arrested an individual suspected of authoring the MegalodonHTTP malware, which powers distributed denial-of-service (DDoS) botnets internationally, after police arrested five men on suspicion of possessing, using, and selling malware. Authorities reported that the malware’s moniker has not been active or doing business since the man was arrested. Source

January 15, SecurityWeek – (International) McAfee Application Control flaws expose critical infrastructure: Researchers. A researcher from SEC Consult discovered a series of low-level vulnerabilities in McAfee’s Application Control product that can be exploited through various techniques to bypass application whitelisting protection and gain arbitrary code execution. The flaws can also be leveraged to cause denial-of-service (DoS) conditions and to overwrite whitelisted applications once code execution is achieved. Source

January 14, InfoWorld – (International) Google’s Go upgrade fixes bug that could leak RSA private key. Google released Go 1.5.3, an update to its programming language, patching a security issue that can affect RSA computations in crypto/rsa, which is used by crypto/tls, and potentially leak the RSA private key of TLS servers on 32-bit systems. Source

January 15, SecurityWeek – (International) Card breach affects 250 Hyatt Hotels worldwide. Hyatt Hotel officials reported that the payment processing system used at Hyatt-managed locations, including restaurants, golf shops, and spa resorts, was compromised, affecting about 250 hotels internationally. An investigation revealed that malware installed on its systems collected cardholder names, card numbers, expiration dates, and internal verification codes. The hotel is offering one year of free fraud protection to those affected via CSID. Source

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.