Attackers exploit an “unquoted path” flaw in the Bonjour updater in iTunes for Windows to deliver ransomware attacks.
The BitPaymer ransomware operators were observed abusing a zero-day vulnerability in Apple’s iTunes for Windows to run code and evade detection, Morphisec’s security researchers have discovered.
Flaw in iTunes for Windows Abused for Ransomware Attacks
Apple has patched a vulnerability in iCloud for Windows and iTunes for Windows that malicious actors had been exploiting to evade antivirus and endpoint detection and response systems as they attempted to infect machines with ransomware.
Just as Mac users wave goodbye to iTunes with macOS Catalina, Windows users are being warned of a horrible bug that has been found in their version of the software and which has enabled malicious attacks on targeted systems.
Several companies from the automotive industry were targeted by BitPaymer ransomware operators during August, in attacks that used an Apple zero-day vulnerability impacting the Apple Software Update service bundled with iTunes and iCloud for Windows.
The gang behind BitPaymer and ransomware attacks has been found exploiting Windows zero-day for Apple iTunes and iCloud.
The operators of the BitPaymer ransomware have been spotted using a zero-day in iTunes for Windows as a mechanism to bypass antivirus detection on infected hosts.
Apple patches actively exploited flaw that let ransomware crooks evade AV protection.
The ransomware operators targeted an "unquoted path" vulnerability in iTunes for Windows to evade detection and install BitPaymer.
Experienced Marketing Leader Joins Cybersecurity Vendor to Drive Market Share and Brand Awareness BE’ER SHEVA, ISRAEL AND ...
VP of Product at Morphisec recognized at the prestigious Black Unicorn Awards BE’ER SHEVA, ISRAEL & BOSTON --AUGUST 02, ...
Morphisec CTO & Head of Threat Research recognized at the prestigious Black Unicorn Awards BE’ER SHEVA, ISRAEL, AND BOSTON ...