North Korean state-sponsored threat actors are targeting macOS users with new malware, utilizing a strategy that combines two popular approaches – fake job ads, and ClickFix, experts have warned.
Security researchers Jamf confirmed they have spotted attacks in the wild using ClickFix, an attack method in which the victim is presented with a fake problem, and at the same time, presented with a fix. It is an evolution of the old “You have a virus” popup that dominated the internet in the early 2000’s. Jamf says ‘DPRK-aligned operators’ from the FlexibleFerret malware family have been creating fake companies, fake LinkedIn profiles and, most importantly – fake job ads, as part of a wider campaign called Contagious Interview.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Some London commuters may never be refunded after TfL cyber attack
November 30, 2024
Sadiq Khan has admitted victims of a Transport for London (TfL) cyber attack may never get their money back. Tens of thousands of Londoners are feared to have been left out of pocket after hackers gained access to the travel authority’s systems in September. The aftermath of the hack meant over-60s, children and students were unable to ...
- Pakistan: Severe Cyber Attack at Dewan Farooque Motors Corrupts Data and Crashes Servers
November 30, 2024
A cyber-attack crippled Dewan Farooque Motors Limited (DFML), corrupting key corporate data and crashing servers. The Pakistan Stock Exchange (PSX) received notice of the incident on Friday. DFML told stakeholders that restoring its information systems and financial data, including information from the first quarter ending September 30, 2024, will be a lengthy process. Read more… Source: ProPakistan News Sign ...
- Another background check company suffered data breach with over 600,000 people details exposed
November 29, 2024
Another background check company suffered a data breach; this time, more than 600,000 people were affected. It’s a minor breach compared with the 2.9 billion people hit by the National Public Data hack, but it’s still scary. The company in question, SL Data Services, was discovered online. It was publicly exposed and not password-protected or encrypted. ...
- SonicWall Releases Security Updates for SMA100 NetExtender for Windows (CVE-2024-29014)
November 27, 2024
SonicWall has released a security update addressing a vulnerability in the Windows (32 and 64-bit) versions of SonicWall SMA100 NetExtender. SMA100 NetExtender is a virtual private network (VPN) client. This vulnerability tracked as CVE-2024-29014, may allow an attacker to execute arbitrary code when processing an EPC Client update. CVE-2024-29014 was originally assigned a CVSSv3 score of ...
- TaxOff: um, you’ve got a backdoor…
November 27, 2024
In Q3 2024, the Positive Technologies Expert Security Center (PT ESC) TI Department discovered a series of attacks on Russian government agencies. PT ESC researchers were unable to establish any connection with known groups using the same techniques. The main goal was espionage and gaining a foothold to follow through on further attacks. They dubbed the group ...
- Ransomware attack on Blue Yonder disrupts Starbucks, Sainsbury’s, Morrisons
November 27, 2024
Starbucks has confirmed that a ransomware attack on software supplier Blue Yonder has disrupted its internal systems for managing employee schedules and tracking work hours. The incident has primarily affected Starbucks’ North American operations, including approximately 11,000 stores across the United States and Canada. Starbucks says the cyberattack has compromised its ability to track baristas’ hours ...