Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On February 25, 2016

February 24, SecurityWeek – (International) Exploit for recently patched Silverlight flaw added to Angler. A security researcher discovered that Angler developers added an exploit for a previously patched Microsoft Silverlight flaw to the Angler exploit kit (EK), using it to deliver a variant of the TeslaCrypt ransomware to victims. Researchers stated the attack was not effective if targets had installed the patched Silverlight version on their systems. Source

February 23, SecurityWeek – (International) Cybercriminals view people as the best exploit: report. Proofpoint released a report titled Proofpoint Human Factor 2016, which stated that cybercriminals were using social engineering to trick victims into infecting their own computer systems rather than using automated exploit technology, and that 98 percent of Uniform Resource Locators (URLs) in malicious email campaigns required human interaction to infect a system. In addition, the report stated that people willingly downloaded more than two billion mobile applications designed to steal user data, create backdoors on compromised devices, and perform other malicious functions. Source

February 23, U.S. Federal Trade Commission – (International) ASUS settles FTC charges that insecure home routers and “cloud” services put consumers’ privacy at risk. The U.S. Federal Trade Commission announced February 23 that Taiwan-based ASUSTeK Computer, Inc., agreed to settle charges that its routers, plagued with critical security flaws, put the home networks of hundreds of thousands of consumers at risk and compromised thousands of consumers’ connected storage devices via the router’s AiCloud and AiDisk services, which exposed customers’ personal information on the Internet. The proposed consent order will require the company to establish and maintain a comprehensive security program subject to independent audits for 20 years and to notify consumers about software updates or other necessary actions to protect against security flaws. Source

February 23, Softpedia – (International) Microsoft updates Windows 10 Mobile Mail and Calendar. Microsoft released updates for its Mail and Calendar app on Windows 10 Mobile that patch several flaws, introduce new calendar features, and increase overall performance of the app. Source

February 22, SecurityWeek – (International) Tech firms form coalition for cybersecurity policy. Seven technology industry companies, including Arbor Networks, Cisco, Intel, Microsoft, Oracle, Rapid7, and Symantec, have formed a new organization titled Coalition for Cybersecurity Policy and Law, which plans to focus on educating policymakers, increasing collaboration on complicated policies, and promoting the interests of the cybersecurity industry in Congress, Federal agencies, international standards bodies, and industry self-regulatory programs, among other policymaking venues. The organization has submitted comments to the National Institute of Standards and Technology (NIST) in response to the agency’s Request for Information (RFI) on the Framework for Improving Critical Infrastructure Cybersecurity. Source

February 22, SecurityWeek – (International) Comodo support tool allowed attackers to elevate privileges. Comodo’s security product, GeekBuddy, was susceptible to a security vulnerability after a security researcher from Google Project Zero found that its virtual network computing (VNC) server was protected by a weak password generated using the first eight characters of a Secure Hash Algorithm 1 (SHA-1) hash in relation to the device’s disk, which could allow attackers to generate a password, connect to the VNC server, and elevate their privileges. In addition, attackers could escape sandboxes, including those of its Chromodo browser, Google Chrome, and Microsoft Internet Explorer. Source

February 22, SecurityWeek – (National) Oregon man pleads guilty to hacking celebrity email accounts. The U.S. Department of Justice reported February 18 that an Oregon man was charged with violating the Computer Fraud and Abuse Act after he allegedly stole the usernames and passwords of 363 Apple and Google email accounts through a phishing scheme that tricked victims into clicking a malicious link to “verify” their accounts. Once victims clicked on the malicious link, they were redirected to a fake website that impersonated an Apple or Google login page where the culprit collected email credentials. Source

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.