Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On April 05, 2016

April 1, SecurityWeek – (International) Code execution flaw found in Lhasa decompression library. Lhasa released version 0.3.1 of its open source tool and library to address an integer underflow vulnerability. Cisco TALOS researchers found that hackers could exploit the flaw for arbitrary code execution by tricking victims into opening a specially crafted file, or through file scanning systems that use the vulnerable library to read the content of LZH and LHA files.

March 31, Softpedia – (International) Rokku ransomware uses QR codes to help you pay for your files. Security researchers from Avira discovered a new ransomware named Rokku that is delivered via spam emails carrying malicious attachments. Opening an attachment executes the ransomware’s encryption process, which encrypts the victim’s files and appends the “.rokku” extension.

March 31, Softpedia – (International) SideStepper attack targets corporate iOS devices. Security researchers from Check Point discovered a new attack method dubbed SideStepper that targets Apple iOS devices that are used in enterprise environments and enrolled in Mobile Device Management (MDM) setups. The method could allow attackers to bypass iOS security protections and install malware on a device by sending a malicious configuration profile to the device via email, instant messaging (IM), or short message service (SMS), and using a legitimate enterprise certificate to install malicious apps via a trivial Man-in-the-Middle (MitM) attack.

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.