Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On April 25, 2016

April 22, SecurityWeek – (International) Adobe patches flaw in analytics AppMeasurement for Flash Library. Adobe release its Analytics AppMeasurement for Flash library version 4.0.1 which patched a Document Object Model (DOM)-based cross-site scripting (XSS) vulnerability after a security researcher discovered the vulnerability when the debugTracking feature was enabled. The flaw affects version 4.0 and earlier platforms. Source

April 21, Softpedia – (International) Law enforcement, government agencies see phishing as main cyber risk. The Global Cyber Alliance (GCA), a group of government representatives from the U.S. and the United Kingdom, agreed to promote the usage of Domain-based Message Authentication, Reporting & Conformance (DMARC) protocol to make it more difficult for attackers to tamper with original documents as phishing attacks were ranked as the top cyber threat following research that revealed spear-phishing campaigns increased by 55 percent from 2015. Source

April 21, SecurityWeek – (International) DDoS attacks continue to rise in power and sophistication. Imperva released its Global DDoS Threat Landscape Q1 2016 report which revealed that distributed denial of service (DDoS) attacks were more advanced and sophisticated after an analysis revealed that attackers increased the use of browser-like DDoS bots with capabilities of bypassing security challenges by 36.6 percent and attackers were seen executing new ways to perform application layer assaults including Hypertext Transfer Protocol Secure (HTTPS) POST flood. Source

Reprinted from the USDHS Daily Open Source Infrastructure Report

Nancy Rand

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.