Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On May 06, 2016

May 5, SecurityWeek – (International) Cisco patches serious flaws in FirePOWER, TelePresence. Cisco released software updates patching several vulnerabilities in its FirePOWER and TelePresence products. These include a critical vulnerability that allows a remote, unauthenticated attacker to bypass authentication and gain access to a targeted system, as well as several high-severity denial-of-service (DoS) vulnerabilities that could allow a remote attacker to cause a system to stop inspecting and processing packets by sending a specially crafted packet. The company stated there was no evidence to suggest the exploits were used for malicious purposes. Source

May 5, SecurityWeek – (International) Apple updates Xcode to patch Git vulnerabilities. Apple released Git version 2.7.4 and Xcode version 7.3.1, patching several remote code execution (RCE) vulnerabilities affecting Git versions 2.7.3 and earlier, after discovering attackers could exploit the flaws by pushing or cloning a repository with a large file name or a large number of nested trees in Apple’s operating system (OS) X El Capitan. Source

May 5, Reuters – (International) Exclusive: Big data breaches found at major email services – expert. The founder and chief information security officer of Hold Security reported that 273.3 million stolen accounts, including users of Mail.ru, Google accounts, Yahoo accounts, and Microsoft accounts, were being traded in Russia’s criminal underworld. The security firm discovered a Russian hacker, dubbed “The Collector,” bragging in an online forum about the number of stolen credentials he had collected and was prepared to sell. Many of the stolen usernames and passwords allegedly belong to employees in U.S. banking, manufacturing, and retail companies. Source

May 4, SecurityWeek – (International) Lost Door RAT promoted via Facebook and Google’s Blogspot. Security researchers from Trend Micro reported that a remote access trojan (RAT) named Lost Door can be customized and is difficult to detect, posing a challenge to information technology (IT) administrators. The researchers found that the trojan leverages a router’s Port Forward feature to access the server of a private network and disguises malicious traffic or communication as normal traffic. Attackers can mask their command and control (C&C) addresses and evade network monitoring as the servers only connect to an internal router Internet Protocol (IP) address. Source

Reprinted from the USDHS Daily Open Source Infrastructure Report

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.