Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On April 21, 2016

April 20, Softpedia – (International) New PWOBot Python malware can log keystrokes, mine for bitcoin. Security researchers from Palo Alto Networks discovered a new malware family, dubbed PWOBot, that is written in Python. PWOBot modules can execute other binaries, launch a Hypertext Transfer Protocol (HTTP) server, log keystrokes, execute custom Python code, query remote Uniform Resource Locators (URLs), and mine for bitcoins using the victim’s central processing unit (CPU) or graphics processing unit (GPU). Source

April 20, Softpedia – (International) Oracle patches 138 bugs, 9 in Java, 31 in MySQL. Oracle released patches addressing 136 security issues, of which 9 were considered critical flaws, in 49 different product suites including Oracle Database, Java, MySQL, Solaris, Berkeley Database, and VirtualBox, among other products. Users were advised to update their software to the latest versions. Source

April 19, Softpedia – (International) Security firm discovers secret plan to hack numerous websites and forums. Security researchers from SurfWatch Labs reported that they prevented a new trojan named Thanatos from potentially infecting thousands of Invision Power Services (IPS) servers. After scanning the Dark Web, the researchers discovered that attackers were planning to exploit a vulnerability in the infrastructure of IPS by accessing the Web sites of IPS’ customers and adding an exploit kit to each page. IPS was informed of the attackers’ scheme and shut down all its access points. Source

April 19, Softpedia – (International) Kaspersky announces antivirus for Industrial Control Systems (ICS). Kaspersky launched a new cyber-security tool, named Industrial CyberSecurity, which will help Industrial Control Systems/Supervisory Control And Data Acquisition (ICS/SCADA) equipment become more resilient against cyberattacks and will prevent attackers from damaging railway systems, nuclear power plants, oil and gas companies, and various other SCADA equipment. Among other features, it includes an “observability mode” that will alert operators to cyberattacks, personnel faults, and anomalies inside an industrial network. Source

 

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.