If you have Apple’s popular player installed, QuickTime, remove it immediately! According to an alert issued by the US Department of Homeland Security and the TrendMicro , this software has serious flaws that can be exploited by hackers.
Moreover, as we know, Apple will not release any more updates for QuickTime.
An alert worldwide made by the US Department of Homeland Security and the TrendMicro reveal that the popular QuickTime player has security flaws that leave a vulnerable machine. Remember that QuickTime came with installing iTunes and in that sense there will certainly still thousands of machines with this software installed.
According to information from the US Department of Security , QuickTime has two security holes that are already documented: ZDI-16-241 and ZDI-16-242 .
Ransomware is a piece of software that has attacked people and tried to put the hostages computers to compel their owners to pay the ransom.
A new variant is out there: Maktub Locker.
This new variant of ransomware starts to capture the attention of the victim through an email that apparently is innocent and trustworthy. The point of having even a legitimate address. The subject, to get the user’s attention, must be either disturbing or exciting, the tactic is currently being warning to alert the victim, so the trick are the warnings of authorities issuing overdue invoices alerts.
The email usually contains a request for payment of such invoice in arrears. What differentiates this from other ransomware that we know is that this seems to have an idea of where the victim lives, it includes your address within the message.
Additionally, the message contains a link that supposedly opens a printable version of that document. Clicking on the link will download what looks like a Word document. The file will open, but it is here that starts the user’s headache as it is at this point that, without realizing it, begins in the background software to encrypt all your computer files.
Since the encryption is done, the program will require the user to log out, it will fire a message stating that all your personal files were encrypted. a timer is then displayed, indicating how long a victim has to pay the ransom. The payment begins at 1.4 Bitcoins (about 515 euros), and increases as time passes.
Another striking feature of the program is that it does not need an Internet connection to encrypt the files. It also spreads the victim’s files, similar to CryptoWall, in order to hide the files and cause more confusion to the user, even create panic.