Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On September 01, 2016

August 31, SecurityWeek – (International) 68 million exposed in old Dropbox hack. Dropbox, Inc. began prompting password resets for more than 68 million users potentially exposed in a July 2012 data breach in which user email addresses and hashed and salted passwords for Dropbox accounts may have been improperly accessed. The breach occurred after a Dropbox employee’s password was stolen and used to access an employee account that contained a document with the user information. Dropbox officials do not believe any account was improperly accessed during the breach. Source

August 31, SecurityWeek – (International) Vulnerabilities found in CryptWare BitLocker enhancement tool. CryptWare released CryptoPro Secure Disk 5.2.1 for BitLocker, addressing two serious vulnerabilities. The first can be exploited to access a root shell at boot and execute arbitrary commands because CryptoPro Secure Disk improperly blocks terminal access. The second, caused by inadequate verification mechanisms, can be exploited to modify files on the system and bypass the verification process, which can be leveraged to backdoor the system and steal sensitive information such as domain credentials and BitLocker, among other information. Source

August 31, Softpedia – (International) Unsophisticated Revenge RAT released online for free. Security researchers discovered that a malware coder named Napoleon released a new remote access trojan/tool (RAT), dubbed Revenge v0.2, online for free via underground hacking forums. Researchers found the RAT is able to access the user’s Webcam, open a remote shell, initiate remote desktop sessions, interact with the victim’s file manager, and manage operating system (OS) services, among other malicious actions. Source

August 30, SecurityWeek – (International) Site of BitTorrent app “Transmission” again used to deliver OS X malware. Security researchers from ESET reported that the official Website for the BitTorrent client Transmission was being exploited to distribute Apple Mac operating system (OS) X malware, dubbed OSX/Keydnap, that steals the content of the OS X keychain and maintains a permanent backdoor on an infected system. The researchers found that cybercriminals compromised the Transmission site and replaced the legitimate app with a malicious version, which was available for download as Transmission v2.92 between August 28 and August 29. Researchers stated users can determine if their systems are infected by checking if files associated with the malware are present on their system. Source

Above Reprinted from the USDHS Daily Open Source Infrastructure Report

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.