Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On February 05, 2016

February 4, SecurityWeek – (International) Cisco patches high severity flaws in several products. Cisco released software updates for its Application Policy Infrastructure Controller (APIC) and several other products that patched high severity vulnerabilities including a denial-of-service (DoS) flaw in Nexus 900 switches, a remote authentication flaw in ASA-CX and Prime Security Manager (PRSM), and a logic issue in the role-based access control (RBAC) processing code that allowed unauthenticated attackers to make configuration changes. In addition, Cisco released advisories detailing three medium severity issues that have yet to be patched. Source

February 4, SecurityWeek – (International) Serious Crypto flaw found in Socat tool. A security researcher from Microsoft discovered a backdoor in the networking utility, Socat versions and 2.0.0-b8 that could allow attackers to eavesdrop on communications and recover the shared secret from a key exchange within its encrypted channels after finding that to the “p” parameter in 1024-bit Diffie-Hallman (DH) was not prime. Source

February 4, SecurityWeek – (International) Flaws expose Sauter SCADA systems to takeover. Sauter released firmware updates for its moduWEB Vision SCADA products after a researcher from Outpost24 discovered multiple vulnerabilities could be exploited by a remote attacker to take control of the products via a pass the hash attack. The attack can be administered through the use of default accounts, which have the password hash for the administrative account as a backup feature. Source

February 3, Computerworld – (International) Google expands Chrome’s Safe Browsing defenses to sniff out ad scams. Google reported February 3 that it is expanding its Safe Browsing technology to help protect users from misleading embedded content, such as social engineering ads which deceived users into providing their personal information and convinced users to download malware disguised as updates for name-brand software. Source

February 3, SecurityWeek – (International) Microsoft EMET adds Windows 10 compatibility. Microsoft released updated version 5.5 for its Enhanced Mitigation Experience Toolkit (EMET) to include Windows 10 capability and several other improvements including enhanced writing of the mitigations to the registry, ease in leveraging existing tools to manage EMET mitigations via Group Policy (GPO), and support for untrusted fonts mitigation in Windows 10. Source


Nancy Rand

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.