March 16, The Register – (International) Middle-aged US bloke pleads guilty to iCloud celeb nude photo hack. The U.S. Department of Justice reported March 16 that a man from Lancaster pleaded guilty to one count of unauthorized access to a protected computer after he illegally accessed and downloaded images from 50 iCloud accounts and 72 Gmail accounts via phishing attacks from November 2012 – September 2014. Source
March 16, Softpedia – (International) AceDeceiver iOS trojan abuses Apple’s Fairplay DRM System to infect users. Researchers from Palo Alto Networks reported that a new iOS trojan dubbed AceDeceiver was targeting Apple, Inc.’s FairPlay digital rights management (DRM) system and can allow attackers to infect both jailbroken and non-jailbroken devices by using a FairPlay Man-in-the-Middle (MitM) attack to spread pirated apps by allowing attackers to request authorized code and distribute the code to any device of choice, enabling hackers to act as a middleman between a victim’s personal computer (PC) and the App store. Source
March 16, Help Net Security – (International) Malvertising campaign hits MSN.com, NY Times, BBC, AOL. Security researchers from Malwarebytes and Trustwave discovered that a malvertising campaign was targeting popular websites such as the New York Times, Microsoft’s MSN Web site, and The Hill, among other websites, by using the ad networks hosted on each website to serve malicious ads that could lead users to other sites hosting an exploit kit (EK). Source
March 16, Softpedia – (International) Database of abandoned iOS app exposes details for 198,000 users. Security researchers from MacKeeper discovered that the MongoDB database associated with the discontinued Kinoptic iOS app exposed 198,000 users’ information online including usernames, email addresses, and hashed passwords, among other data, via a default MongoDB configuration that allowed the public to access its content without any form of authentication. Source