Gotham Security Daily Threat Alerts

By Gotham
Posted in Security
On July 30, 2013

July 29, The Register – (International) Symantec slams Web Gateway back door on would-be corporate spies. Symantec issued an update for its Web Gateway appliances that closes several critical flaws that could allow remote code execution, cross-site scripting (XSS), and other malicious actions.

July 29, Threatpost – (International) Patch available for DoS vulnerability in BIND nameservers. The Internet Systems Consortium issued a patch for certain versions of BIND name servers that closes a denial of service (DoS) vulnerability.

July 29, – (International) Hackers using spoofed headers as malware runners. Researchers at Trend Micro detected several attacks using header spoofing to avoid detection while targeting users for malware infection.

July 26, Help Net Security – (International) Record malware growth in China, Ukraine, and Saudi Arabia. A mid-year report by NQ Mobile found that 51,000 new mobile malware threats were identified in the first half of 2013, and that infections in China, Ukraine, and Saudi Arabia increased greatly, among other findings.

July 25, Help Net Security – (International) TOR-based botnets on the rise. Researchers at ESET found and analyzed two botnets with their command and control (C&C) centers hidden in The Onion Router (TOR) network to avoid detection. The researchers noted that TOR-based botnet C&C is becoming more common.

July 25, IDG News Service – (National) Oil, gas field sensors vulnerable to attack via radio waves. Researchers from IOActive found a host of vulnerabilities in sensors used in the energy industry to monitor industrial processes and also found the sensors were susceptible to attack from 40 miles away using radio transmitters. Fixing the sensors would require firmware updates and configuration changes.

July 25, Threatpost – (International) Microsoft: 88 percent of Citadel botnets down. Microsoft reported that 88 percent of botnets created by the Citadel banking trojan have been taken down following operations to disrupt them in June.