April 1, SecurityWeek – (International) Code execution flaw found in Lhasa decompression library. Lhasa released version 0.3.1 for its open source tool and library product addressing an integer underflow vulnerability after Cisco TALOS researchers found hackers could exploit the flaw for arbitrary code execution by tricking victims into opening a specially crafted file, as well as through file scanning systems that leverage the vulnerable library to read the content of LZH and LHA files. Source
March 31, Softpedia – (International) Rokku ransomware uses QR codes to help you pay for your files. Security researchers from Avira discovered a new ransomware named Rokku that encrypts victims’ files while attaching the “.rokku” extension via spam emails embedded with malicious email attachments that will execute the ransomware’s encryption process when opened. Source
March 31, Softpedia – (International) SideStepper attack targets corporate iOS devices. Security researchers from Check Point discovered a new attack method dubbed SideStepper that targets Apple iOS devices used in enterprise environments and are enrolled in Mobile Device Management (MDM) setups, which could allow attackers to bypass iOS security protections and install malware on a device by sending a malicious configuration profile via email, instant messaging (IM), or short message service (SMS) to the device, through the use of a legitimate enterprise certificate to install malicious apps via a trivial Man-in-the-Middle (MitM) attack. Source