Blog

By Nancy Rand, Posted in Uncategorized

May 5, Help Net Security – (International) New AlphaCrypt ransomware delivered via Angler EK. Security researchers at Webroot and Rackspace discovered and determined that a new form of ransomware resembling TeslaCrypt and CryptoWall, dubbed AlphaCrypt, is being delivered via the Angler exploit kit (EK). Researchers stated that it differs from other ransomware variants by deleting volume snapshot services (VSS) and executing quietly in background processes to avoid detection. Source May 5, Help Net Securi... read more.

• May 06, 2015

By Nancy Rand, Posted in Uncategorized

May 4, Securityweek – (International) PayPal fixes remote code execution flaw in Partner Program website. PayPal fixed a vulnerability discovered by Vulnerability Lab researchers in its Partner Program Web site which would allow an attacker to leverage a bug in the site’s Java Debug Wire Protocol (JDWP) service to remotely execute server-side commands with root privileges. Source May 1, Threatpost – (International) Mozilla moving toward full HTTPS enforcement in Firefox. The Mozilla Foundation reported t... read more.

• May 06, 2015

By Nancy Rand, Posted in Security

May 1, Securityweek – (International) Security bug in ICANN portals exploited to access user data. The Internet Corporation for Assigned Names and Numbers (ICANN) released April 30 initial findings from an investigation revealing that a vulnerability in two of the organizations generic top-level domain (gTLD) portals had resulted in the exposure of 330 advanced search result records pertaining to 96 applicants and 21 registry operators since April 2013. The organization plans to contact both the affected us... read more.

• May 04, 2015

By Nancy Rand, Posted in Uncategorized

April 30, Help Net Security – (International) Barracuda fixes critical MITM flaws in its Web filter. Barracuda Networks issued a security update patching two critical flaws in the firmware of its Web Filter appliances in which an attacker could perform man-in-the-middle (MitM) attacks due to vulnerabilities in certificate verification when performing secure socket layer (SSL) inspection and the use of default certificates for multiple machines. Source April 29, Securityweek – (International) Bartalex mal... read more.

• May 01, 2015

By Nancy Rand, Posted in Security

April 29, Securityweek – (International) InFocus projectors plagued by authentication flaws: Core Security. Security researchers at Core Security identified an authentication bypass vulnerability in InFocus network-connected projectors in which an unauthenticated user could bypass the login page and access the projector’s Web interface as an administrator by navigating to the “main.html” page. Once logged in, the unauthenticated user would have the ability to access and modify private network and WiFi confi... read more.

• April 30, 2015

By Ken Phelan, Posted in Security

I was at the RSA Conference in San Francisco last week and I’d like to report that the Information Security economy is booming. With record numbers of attendees and exhibitors, the buzz around security has never been stronger. All of the news regarding attacks has created a lot of momentum. Most of Gotham’s large customers deal with significant incidents on a near daily basis, and even smaller clients have seen serious incidents over the last year. This increased pressure on cyber security now has boa... read more.

• April 30, 2015

By Nancy Rand, Posted in Security

April 28, Softpedia – (International) Cyber gang stealing $15 million from banks dismantled by Romanian authorities. Romanian authorities raided 42 locations in 6 countries and detained 25 individuals April 26 in connection to their roles in a group of over 52 suspects who allegedly cloned cards with information from banks’ computer systems to steal over $15 million from financial institutions in the U.S. and worldwide. The thieves supposedly made 34,000 cash withdrawals from ATMs in 24 countries from Febru... read more.

• April 29, 2015

By Nancy Rand, Posted in Security

April 27, Softpedia – (International) Wordpress 4.2 affected by zero-day stored XSS, PoC available. A security researcher from Klikki Oy discovered a stored cross-site scripting (XSS) vulnerability in WordPress 4.2 and earlier versions in which unauthenticated parties can exploit a flaw in comment text truncation to run arbitrary code on affected servers. Source April 25, Softpedia – (International) Over 25,000 iOS apps affected by bug breaking HTTPS. Security researchers at SourceDNA discovered a vulner... read more.

• April 28, 2015

By Nancy Rand, Posted in Security

April 24, Securityweek – (International) Login vulnerability exposes SAP ASE databases. The German business software company SAP patched a login vulnerability in its SAP Adaptive Server Enterprise (ASE) in which attackers could use a flawed “probe” two-phase commit login to gain unauthorized access and potentially exploit a privilege escalation flaw to take complete control of the affected server. Source ... read more.

• April 27, 2015

By Nancy Rand, Posted in Security

April 23, Softpedia – (International) Improper parsing of SSID info exposes Wi-Fi client’s memory contents. Security researchers at Alibaba and Google discovered a vulnerability in the cross-platform “wpa_supplicant” Wi-Fi software that affects versions 1.0 – 2.4 with the Config_P2P option turned on and could allow an attacker to create a service set identifier (SSID) buffer overflow condition, potentially exposing sensitive information in the memory of the device and allowing for arbitrary code execution.... read more.

• April 24, 2015