Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On March 23, 2016

March 21, SecurityWeek – (International) Google issues emergency patch for critical Android rooting exploit. Google released an emergency security patch addressing an elevation of privilege vulnerability that affects all Android devices running kernel versions 3.4, 3.10, and 3.14, which could allow local malicious applications to execute arbitrary code in the kernel by rooting applications that were previously installed by customers. Source

March 21, Softpedia – (International) “Surprise” ransomware uses TeamViewer to infect victims. A new ransomware dubbed Surprise was discovered to be infecting users’ personal computers (PCs) by using poorly secured TeamViewer installations and encrypting victim’s files via an AES-256 algorithm, using an RSA-2048 to secure each file’s encryption keys with a master’s key, and uploading the file to the command and control (C&C) server. Once an attacker encrypts a target’s file, a “.surprise” extension is added to all files and the victims are given a ransom note. Source

Nancy Rand

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.