Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On April 20, 2016

April 19, Softpedia – (International) Pro-ISIS group defaces 88 websites in three-day rampage. A hacking group titled, Team System Dz reportedly hacked and defaced 88 Web sites from France, Israel, the U.K, and the U.S. April 14 – April 16, leaving pro-Islamic State messages on each compromised Web page, many of which were running WordPress systems. Source

April 19, SecurityWeek – (International) Google analyzes effectiveness of website hack notifications. Google and the University of California, Berkeley released a study revealing that nearly 60 percent of hijacking incidences were resolved by Webmasters over an 11-month period with about 22 percent of Search Quality Web sites and 6 percent of Safe Browsing Web sites reinfected within 1 month. Google advised Webmasters to sign up for Google’s Search Console to ensure they are notified when their Web sites become compromised. Source

April 19, Softpedia – (International) New CryptXXX ransomware locks your files, steals bitcoin and local passwords. Security researchers from Proofpoint discovered the CryptXXX ransomware had an infostealer component and could harvest information and credentials about a user’s local instant messenger clients, email clients, FTP clients, and Internet browser information, as well as steal bitcoins after finding that the CryptXXX ransomware was similar to an older Reveton ransomware and allegedly created by the authors of the Angler exploit kit (EK). Source

April 18, SecurityWeek – (International) Ransomware uses blockchains to transmit decryption keys. Researchers from Sucuri discovered that ransomware developers were using blockchains to deliver decryption keys to victims infected with ransomware, after discovering that the usage of blockchains to transmit decryption keys is much more reliable for attackers than using payment gates and third-party compromised Web sites, ensuring that the entire transaction process is public and transparent while hiding attackers’ real Internet Protocols (IPs) addresses. Source

Nancy Rand

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.