Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On May 10, 2016

May 9, SecurityWeek – (International) Over two dozen flaws found in Aruba products. Aruba Networks patched some of the 26 security flaws discovered by a Google security engineer, and is working to patch the remaining vulnerabilities which impact all versions of ArubaOS, AirWave Management Platform 8.x versions prior to 8.2, and Aruba Instant access points (IAP) prior to and Some of the vulnerabilities discovered include the transmission of login credentials via Hypertext Transfer Protocol (HTTP), default accounts, remote code execution flaws, firmware-related weaknesses, information disclosure issues, and Protocol Application Programming Interface (PAPI)-related security bugs. Source

May 9, Softpedia – (International) Google suffers minor data breach via third-party benefits vendor. Google notified an unknown number of employees following a data breach that occurred when a manager of a third-party benefits vendor sent a file containing the names and Social Security numbers of an undisclosed number of Google employees to the wrong person. The individual who received the data deleted it from his computer and notified Google’s vendor of the incident. Source

May 8, Softpedia – (International) Bucbi ransomware makes a comeback after two years. Researchers at Palo Alto Networks reported that a cyber-crime group is utilizing a re-tooled version of the Bucbi ransomware that does not rely on social engineering tactics and works without needing to connect to an online command and control (C&C) server, uses a different installation routine, and also employs a different ransom note. The group uses brute-force attacks against corporate networks running Internet-available Remote Desktop Protocol (RDP) servers. Source

May 8, Softpedia – (International) 190 Android apps infected with malware discovered on the Google Play Store. Google removed 190 applications infected with malware from its Google Play Store after it was notified by Dr. Web security researchers who discovered that the malware’s mode of operation, Android.Click, waits for 6 hours after it is installed before forcibly loading a Uniform Resource Locator (URL) in the user’s browser, prompting the user back to the Google Play Store to download a second app. Source

May 7, Softpedia – (International) WordPress 4.5.2 released to fix XSS and SOME security bugs. The WordPress project released version 4.5.2 of its open-source platform addressing two security issues in two libraries packed with the content management system (CMS) after Cure53 researchers found a Same-Origin Method Execution (SOME) vulnerability in the Plupload library, which allows attackers to perform unintended actions on a Web site on behalf of victims, and a cross-site scripting (XSS) issue in the MediaElement.js library. Source

Reprinted from the USDHS Daily Open Source Infrastructure Report

Nancy Rand

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.