April 6, Softpedia – (International) Windows’ Pirrit adware ported to OS X via Qt Framework. Security researcher from Cybereason discovered that the OSX/Pirrit adware was infecting Apple Mac users for the first time and hijacking users’ Web traffic with several ads via the Qt Framework, which allows programmers to write applications that work on Apple Mac devices, Linux systems, and Microsoft Window devices. The malware was seen using several steps to infiltrate a system after a user launches a Pirrit-laced binary. Source.
April 6, SecurityWeek – (International) Adobe to patch actively exploited Flash zero-day. Adobe reported April 5 that it will be releasing a patch for its Flash Player 21.0.0.197 and its earlier versions April 7 which will address a zero-day vulnerability after malicious attackers were seen actively exploiting the flaws. Customers were advised to ensure their Flash Players were updated to version 21.0.0.182 or later. Source.
April 5, SecurityWeek – (International) New Locky variants change communication patterns. Researchers from Check Point discovered that Locky, a prominent ransomware family, had changed its distribution mechanism to use JavaScript (.js) attachments for malware distribution and that another Locky variant was included as the malicious payload in the Nuclear exploit kit (EK) with additional communication changes. In addition, FireEye Labs researchers found that the ransomware was increasing its infection rate and surpassing the Dridex spam activities. Source.
April 6, SecurityWeek – (International) Quanta routers plagued by many unpatched flaws. A security researcher discovered more than 20 vulnerabilities in the latest firmware version of Quanta Computer’s LTE QDH routers, and several other devices including QDH, UNE, Mobily, and YooMee 4G routers that can allow an attacker to obtain sensitive information including credentials and configuration data through several flaws including remote code execution, arbitrary file access, a denial-of-service (DoS) vulnerability, and a hardcoded Secure Shell (SSH) server key that can be used to decrypt SSH traffic going through the router. Quanta stated the vulnerabilities in the LTE QDH routers will not be patched since the routers have reached end of life (EOL). Source.