Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On April 18, 2016

April 15, SecurityWeek – (International) No patches for QuickTime flaws as Apple ends support on Windows. ZDI reported that Apple will no longer release security updates for Windows versions of QuickTime after a security researcher from Source Incite found a heap corruption vulnerability that could allow an attacker to exploit the flaw for remote code execution (RCE) once a victim accesses a maliciously crafted Web site or file. Apple released instructions on ways to remove QuickTime for Windows users and advised users to remove legacy plugins to enhance their personal computer (PC) security. Source

April 15, Softpedia – (International) Google, Microsoft address problems in their URL shorteners. An independent security researcher and a professor at Cornell Tech discovered that many Uniform Resource Locator (URL) shortening services used by Google and Microsoft employ short random-character tokens that can allow an attacker to use brute-force attacks to reach potentially private files holding sensitive information. The researchers found the flaw after beginning a series of automated scans on Microsoft’s 1drv.com, where they found it exceptionally easy to brute-force its small 6-character URLs. Source

April 14, SecurityWeek – (International) Clever techniques help malware evade AV engines. Security researchers from FireEye released a study titled “Ghost in the Endpoint,” which revealed that various components of malware went undetected by antivirus programs for an extended period of time, including a backdoor dubbed “GOODTIMES,” which was left undetected due to its disguise as an Excel file (XLSX) while leveraging a Flash Player exploit. Source

April 14, Softpedia – (International) Lizard Squad downs Blizzard servers with massive DDoS attacks. A Blizzard spokesman reported that its European and U.S. servers that host games such as World of Warcraft, Diablo 3, and Starcraft 2 experienced connectivity and latency issues for several hours April 14 following a potential distributed denial-of-service (DDoS) attack allegedly conducted by the Lizard Squad hacking group. Blizzard technical support was working to mitigate the impact of the attacks. Source

April 14, Softpedia – (International) Microsoft issues optional Windows update to fix MouseJack vulnerability. Microsoft released its monthly security updates addressing several vulnerabilities, including a flaw dubbed MouseJack, after security researchers from Bastille found an attacker could spoof data from a wireless device and force the Universal Serial Bus (USB) dongle to send fraudulent instructions to the connected personal computer (PC) and execute malicious actions. Source

April 14, SecurityWeek – (International) Hybrid trojan “GozNym” targets North American banks. Researchers from IBM Security discovered a hybrid trojan, dubbed “GozNym,” which was reported to be similar to the Nymaim dropper and the Gozi financial malware. It leverages the Nymaim dropper’s stealth and persistence while adding trojan capabilities from Gozi’s ISFB parts to facilitate fraud via infected Internet browsers. The trojan is believed to have stolen millions of dollars from victims, targeting 22 financial institutions in the U.S. and Canada including banks, credit unions, e-commerce platforms, and retail banking. Source

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.