Gotham Security Daily Threat Alerts

By Gotham
Posted in Security
On July 02, 2013

July 1, Softpedia – (International) Android hack tools designed to automatically steal information from PCs. F-Secure researchers discovered an Android hack tool identified as Hack-Tool:Android/UsbCleaver.A that, once installed on an Android device, collects information from any Windows computer the device is connected to. Source:

July 1, IDG News Service – (International) Two malware programs help each other stay on computers. Researchers at Microsoft identified a symbiotic relationship between the Vobfus and Beebone malware where each program downloads variants of the other, making both resilient to antivirus programs. Source:


July 1, Softpedia – (International) Experts warn of unpatched backdoor in Atlassian Crowd authentication service. Command Five issued an advisory warning users of the Atlassian Crowd authentication service to update their installations immediately after an exploit that allows unauthorized file retrieval and denial of service attacks was published. Source:

July 1, The Register – (International) Win 8 user? Thought that was a CAPTCHA? R is for ruh roh. A security researcher created a proof-of-concept keyjacking technique that could be used to run malicious code by disguising a “run executable” dialogue box within a CAPTCHA challenge. The technique works in Internet Explorer (IE) 9 and 10 for Windows 7 and Chrome in Windows 8. Source:


July 1, Softpedia – (International) CNN’s Political Ticker hacked, fake Bitcoin operator story published. CNN’s Political Ticker blog was hacked and used to post a fake story about the shutdown of Bitcoin operator after a user’s third party publishing platform credentials were compromised. Source:

June 30, Reuters – (Arizona) Gas leak at Intel Arizona plant sickens 43, sends 11 to hospital. A nitrogen triflouride leak at an Intel silicon wafer manufacturing plant in Chandler sickened up to 43 people, with 11 taken to a hospital after the building was evacuated June 30. Source:

June 30, Softpedia – (International) ICS-CERT warns of brute-force attacks against critical infrastructure control systems. A report by the U.S. Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) detailed attempted cyberattacks on industrial control systems for the first half of 2013, with the energy sector being the most targeted, among other findings. Source: