Alleged Gozi Trojan Creator Among Three Charged by ...

Network Computing Dark Reading

Advertise

About Us

Newest First | Oldest First | Threaded View

[close this box]

PJS880,
User Rank: Ninja
2/2/2013 | 5:23:39 PM

re: Alleged Gozi Trojan Creator Among Three Charged by Authorities

My Information Securities
professor always said to use your powers for good and not evil. It appears that
this is what she was referring to. It also sounds like they are trying to make
examples of these guys, That is an awful longtime in prison, George Tubin was
right 60-95 years in prison definitely is a clear message.

Paul Sprague

InformationWeek Contributor

-á

Reply | Post Message | Messages List | Start a Board

kjhiggins,
User Rank: Strategist
1/24/2013 | 3:45:17 PM

re: Alleged Gozi Trojan Creator Among Three Charged by Authorities

So true--Gozi is still alive and well.

Kelly Jackson Higgins, Senior Editor
Dark Reading

Reply | Post Message | Messages List | Start a Board

Larry Seltzer - UBM Tech,
User Rank: Apprentice
1/24/2013 | 1:02:19 AM

re: Alleged Gozi Trojan Creator Among Three Charged by Authorities

Yeah, it's good news, but unlike most criminal conspiracies, when you bust the perps in a bank trojan ring the victims keep piling up. At least at some level

Reply | Post Message | Messages List | Start a Board

Editors' Choice

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry

David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP, 7/9/2021

Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours

Robert Lemos, Contributing Writer, 7/7/2021

It's in the Game (but It Shouldn't Be)

Tal Memran, Cybersecurity Expert, CYE, 7/9/2021

Live Events

Webinars

Black Hat Europe - December 5-8 - Learn More

Black Hat Middle East & Africa - November 15-17 - Learn More

SecTor - Canada's IT Security Conference Oct 1-6 - Learn More

More Informa Tech Live Events

White Papers

6 Elements of a Solid IoT Security Strategy

Five Best Practices for AWS Security Monitoring

Sumo Logic for Continuous Intelligence

Endpoint Detection Net Suite Use Cases

Ambush Attackers at the Endpoint with the Endpoint Detection Net (EDN) Suite

More White Papers

Cartoon

Latest Comment: I've heard of people walking right out the front door with entire servers...

Cartoon Archive

Current Issue

Black Hat USA 2022 Attendee Report

Black Hat attendees are not sleeping well. Between concerns about attacks against cloud services, ransomware, and the growing risks to the global supply chain, these security pros have a lot to be worried about. Read our 2022 report to hear what they're concerned about now.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

Incident Readiness and Building Response Playbook

In this special report, learn the Xs and Os of any good security incident readiness and response playbook.

Download Now!

Battle for the Endpoint

0 comments

How Enterprises are Developing Secure Applications

0 comments

Assessing Cybersecurity Risk in Today's Enterprises

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2022-35942
PUBLISHED: 2022-08-12

Improper input validation on the `contains` LoopBack filter may allow for arbitrary SQL injection. When the extended filter property `contains` is permitted to be interpreted by the Postgres connector, it is possible to inject arbitrary SQL which may affect the confidentiality and integrity of data ...

CVE-2022-35949
PUBLISHED: 2022-08-12

undici is an HTTP/1.1 client, written from scratch for Node.js.`undici` is vulnerable to SSRF (Server-side Request Forgery) when an application takes in **user input** into the `path/pathname` option of `undici.request`. If a user specifies a URL such as `http://127.0.0.1` or `//127.0.0.1` ```js con...

CVE-2022-35953
PUBLISHED: 2022-08-12

BookWyrm is a social network for tracking your reading, talking about books, writing reviews, and discovering what to read next. Some links in BookWyrm may be vulnerable to tabnabbing, a form of phishing that gives attackers an opportunity to redirect a user to a malicious site. The issue was patche...

CVE-2022-35956
PUBLISHED: 2022-08-12

This Rails gem adds two methods to the ActiveRecord::Base class that allow you to update many records on a single database hit, using a case sql statement for it. Before version 0.1.3 `update_by_case` gem used custom sql strings, and it was not sanitized, making it vulnerable to sql injection. Upgra...

CVE-2022-35943
PUBLISHED: 2022-08-12

Shield is an authentication and authorization framework for CodeIgniter 4. This vulnerability may allow [SameSite Attackers](https://canitakeyoursubdomain.name/) to bypass the [CodeIgniter4 CSRF protection](https://codeigniter4.github.io/userguide/libraries/security.html) mechanism with CodeIgniter ...

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]