Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On April 27, 2016

April 26, Softpedia – (International) Facebook bug allowed attackers to take over accounts on other sites. Facebook patched a flaw in its account registration process after security researchers from Bitdefender discovered the flaw could allow attackers to take over users’ profiles on Web sites where the Facebook Social Login feature was available by adding an attacker’s email address as a secondary address, enabling the attacker to verify the profile and make modifications to the account information. Source

April 25, SecurityWeek – (International) Malicious insiders could tap ransomware-as-a-service for profit. Security researchers from Imperva revealed that the ransom-as-a-service (RaaS) model could be leveraged by malicious attackers to exploit the organization’s unstructured data, locate sensitive data, and encrypt the company’s most valuable information after discovering that authors and distributors of the malware use anonymous Bitcoin addresses and the Tor network to ensure they receive their ransom money and stay undetected from law enforcement agencies. Source


Reprinted from the USDHS Daily Open Source Infrastructure Report

Nancy Rand

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.