Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On February 05, 2016

February 3, Softpedia – (International) Dual-Mode DMA ransomware cracked, users can recover files for free. Security researchers from Malwarebytes discovered a flaw in the DMA ransomware that could allow victims to decrypt their encrypted files without paying the ransomware after discovering that the ransomware’s encryption key was hard-coded in its binary, allowing victims to re-download the malicious file and input the encryption key inside the ransom note to unlock their files. Source

February 3, SecurityWeek – (International) WordPress 4.4.2 patches open redirect, SSRF flaws. WordPress released version 4.4.2 for its content management system that patched an open redirection vulnerability, a server-side request forgery (SSRF) which affected certain local Uniform Resource Identifiers (URLs), and 17 flaws affecting WordPress versions 4.4 and 4.4.1. Source

February 3, SecurityWeek – (International) Comodo browser breaks security: Google researcher. A researcher from Google found that the Chromodo web browser that comes installed with Comodo’s Internet Security product disables the same origin policy (SOP) and effectively turns off all web security, allowing malicious scripts opened in one browser to interact with other windows and infect several systems. Comodo released a patch to fix the vulnerability, but researchers found the patch was ineffective. Source

February 2, Reuters – (National) Microsoft recalls 2.3 mln power cords sold with Surface Pro tablets. Microsoft issued a recall February 2 for about 2.25 million of its AC power cords sold with certain models of the Microsoft Surface Pro convertible tablet devices after the company received a total of 61 consumer reports that the power cords overheated, emitted flames, and posed electrical shock hazards. Source

Nancy Rand

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.