Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On November 01, 2016

October 30, Softpedia – (International) Serial spammer pleads guilty, faces up to ten years in jail. A Florida resident pleaded guilty October 27 to orchestrating spam campaigns in which he and 2 co-conspirators operated a legitimate business named A Whole Lot of Nothing LLC, which provided on-demand spam campaigns for legitimate businesses and illegal parties, including groups selling untested pharmaceutical drugs. The charges state the trio built botnets to distribute their spam, constructed proxy networks to avoid detection, and hacked into at least four corporate networks and websites in order to take control of corporate emails and servers to distribute spam from devices that were not blacklisted, among other malicious activities. Source

October 28, SecurityWeek – (International) Mirai botnet infects devices in 164 countries. Imperva security researchers discovered that roughly 49,657 unique Internet Protocol (IP) addresses across 164 countries are hosting Internet of Things (IoT) devices infected with the Mirai botnet. The researchers found that 10 percent of the IP addresses hosting Mirai-infected devices are located in the U.S. Source

October 28, SecurityWeek – (International) LDAP attack vector makes terabit-scale DDoS attacks possible. Corero Network Security researchers reported that a newly observed zero-day distributed denial-of-service (DDoS) attack vector relying on the Lightweight Directory Access Protocol (LDAP) could be used to achieve an amplification factor of 46 times, with a peak of 55 times, to carry out terabit-scale DDoS events against a target. Corero also reported that an attacker could send a simple query to a compromised reflector supporting the Connectionless LDAP service (CLDAP) and make it appear as though the query originated from the intended victim, causing unwanted network traffic to be immediately sent to the attacker’s target. Source

Above Reprinted from the USDHS Daily Open Source Infrastructure Report

November 1, DarkReading – Google Adwords Malvertising Campaign Targets Apple Macs. Cheeky attackers make their lure an ad for Google Chrome. Apple Mac owners using the Google search engine may have been infected via malicious ads at the tip-top of their search results last week after attackers launched a malvertising campaign against Google Adwords. In an act of gumption or plain cheek, the attackers' malicious lure of choice was a phony ad for one of Google's own products, Google Chrome. Source

Nancy Rand


Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.