Threat Reports

Silobreaker Daily Cyber Digest – 11 March 2016

Adobe patches 18 critical Flash vulnerabilities
One of the patches corrects an exploit for CVE-2016-1010, an integer overflow vulnerability that allows remote code execution. Adobe noted in its advisory on Thursday that this zero-day had already been used in limited, targeted attacks.

US to indict Iranian hackers
Sources suggest that the US Justice Department is planning to indict a group of Iranian hackers for a 2013 cyber attack targeting a New York state dam.

Although the specifics of the attack are still classified, US officials have said that the Iranians accessed the back office (rather than operational) systems of the Bowman Avenue Dam, a small flood control system located approximately 50km north of New York City.

The public announcement is likely to come next week as part of the Obama administration’s ‘name and shame’ policy against foreign hackers. The last indictment of this kind came in 2014, when the DoJ charged five Chinese military hackers with commercial espionage.

Critical router vulnerabilities found
Timur Yunusov, a Russian security tester at Nullcon, found flaws in eight sets of 3G and 4G modems from Huawei, Gemtek, Quanta and ZTE.

Almost all of the models, thousands of which are exposed over Shodan, are vulnerable to cross-site request forgery (CSRF). Four of the eight have cross-site scripting vulnerabilities (XSS) and the majority of these flaws allow for remote code execution.

The Silobreaker Team

More News

  • Silobreaker Daily Cyber Digest – 22 March 2019

      Ongoing Campaigns Dr Web reports Flexnet banking trojan targeting users of Android devices Flexnet banking trojan is reportedly based on GM bot trojan...
  • Silobreaker Daily Cyber Digest – 21 March 2019

      Malware New Carbanak Gang tools discovered by Flashpoint Flashpoint researchers reported on newly discovered tools used by the Carbanak Gang in a campaign...
  • Silobreaker Daily Cyber Digest – 20 March 2019

      Malware Malicious Office document analysed by ZLAB Researchers at Cybaze-Yoroi ZLAB discovered a malicious Office document with a payload capable of bypassing AppLocker...
View all News

Request a demo

Get in touch