April 22, SecurityWeek – (International) Adobe patches flaw in analytics AppMeasurement for Flash Library. Adobe release its Analytics AppMeasurement for Flash library version 4.0.1 which patched a Document Object Model (DOM)-based cross-site scripting (XSS) vulnerability after a security researcher discovered the vulnerability when the debugTracking feature was enabled. The flaw affects version 4.0 and earlier platforms. Source
April 21, Softpedia – (International) Law enforcement, government agencies see phishing as main cyber risk. The Global Cyber Alliance (GCA), a group of government representatives from the U.S. and the United Kingdom, agreed to promote the usage of Domain-based Message Authentication, Reporting & Conformance (DMARC) protocol to make it more difficult for attackers to tamper with original documents as phishing attacks were ranked as the top cyber threat following research that revealed spear-phishing campaigns increased by 55 percent from 2015. Source
April 21, SecurityWeek – (International) DDoS attacks continue to rise in power and sophistication. Imperva released its Global DDoS Threat Landscape Q1 2016 report which revealed that distributed denial of service (DDoS) attacks were more advanced and sophisticated after an analysis revealed that attackers increased the use of browser-like DDoS bots with capabilities of bypassing security challenges by 36.6 percent and attackers were seen executing new ways to perform application layer assaults including Hypertext Transfer Protocol Secure (HTTPS) POST flood. Source
Reprinted from the USDHS Daily Open Source Infrastructure Report