Security Alerts & News
by Tymoteusz A. Góral

History
#2161 Ransomware scammers exploited Safari bug to extort porn-viewing iOS users
Ransomware scammers have been exploiting a flaw in Apple's Mobile Safari browser in a campaign to extort fees from uninformed users. The scammers particularly target those who viewed porn or other controversial content. Apple patched the vulnerability on Monday with the release of iOS version 10.3.

The flaw involved the way that Safari displayed JavaScript pop-up windows. In a blog post published Monday afternoon, researchers from mobile-security provider Lookout described how exploit code surreptitiously planted on multiple websites caused an endless loop of windows to be displayed in a way that prevented the browser from being used. The attacker websites posed as law-enforcement actions and falsely claimed that the only way users could regain use of their browser was to pay a fine in the form of an iTunes gift card code to be delivered by text message. In fact, recovering from the pop-up loop was as easy as going into the device settings and clearing the browser cache. This simple fix was possibly lost on some uninformed targets who were too uncomfortable to ask for outside help.
Read more
#2161 Ransomware scammers exploited Safari bug to extort porn-viewing iOS users
#2160 Apple pushes security update to OSX Yosemite and ElCapitan
#2159 Researcher says API flaw exposed Symantec certificates, including private keys
#2158 Alleged vDOS owners poised to stand trial
#2157 Nokia to smartphone owners: Malware infections are far higher than you think
#2156 Doxed by Microsoft’s Docs.com: Users unwittingly shared sensitive docs publicly
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12