North Korean state-sponsored threat actors are targeting macOS users with new malware, utilizing a strategy that combines two popular approaches – fake job ads, and ClickFix, experts have warned.
Security researchers Jamf confirmed they have spotted attacks in the wild using ClickFix, an attack method in which the victim is presented with a fake problem, and at the same time, presented with a fix. It is an evolution of the old “You have a virus” popup that dominated the internet in the early 2000’s. Jamf says ‘DPRK-aligned operators’ from the FlexibleFerret malware family have been creating fake companies, fake LinkedIn profiles and, most importantly – fake job ads, as part of a wider campaign called Contagious Interview.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Oil & Gas Cybersecurity: Halt Critical Operation Attacks
March 15, 2022
The oil and gas utilities industry face threats from cyber incidents. The ransomware attack on the Colonial Pipeline in May 2021 had a huge impact on the industry. In February 2022, it was also reported that European oil facilities hit by cyber-attack and forced to operate at limited capacity. These latest incidents suggest that oil and ...
- China captures powerful US NSA cyberspy tool
March 14, 2022
China captured a spy tool deployed by the US National Security Agency, which is capable of lurking in a victim’s computer to access sensitive information and was found to have controlled global internet equipment and stole large amounts of users’ information, according to a report the Global Times obtained from the National Computer Virus Emergency ...
- Israeli government websites down due to suspected cyberattack
March 14, 2022
This is the largest-ever cyberattack carried out against Israel, a defense establishment source says Several Israeli government websites went down on Monday, prompting suspicions of a cyberattack. The websites of the Prime Minister’s Office, as well as several ministries, were inaccessible. Access to some of the websites has been restored. A senior defense official reportedly told Haaretz that ...
- CVE-2022-0847 aka Dirty Pipe vulnerability in Linux kernel
March 14, 2022
Last week, security researcher Max Kellermann discovered a high severity vulnerability in the Linux kernel, which was assigned the designation CVE-2022-0847. It affects the Linux kernels from 5.8 through any version before 5.16.11, 5.15.25 and 5.10.102, and can be used for local privilege escalation. The vulnerability resides in the pipe tool, which is used for ...
- QNAP warns severe Linux bug affects most of its NAS devices
March 14, 2022
Taiwanese hardware vendor QNAP warns most of its Network Attached Storage (NAS) devices are impacted by a high severity Linux vulnerability dubbed ‘Dirty Pipe’ that allows attackers with local access to gain root privileges. The ‘Dirty Pipe’ security bug affects Linux Kernel 5.8 and later versions, even on Android devices. If successfully exploited, it allows non-privileged ...
- Automotive giant Denso confirms hack, Pandora ransomware group takes credit
March 14, 2022
Denso has confirmed a cyberattack impacting the firm’s German operations. The company is a global supplier of automotive components, including those developed for autonomous vehicle features, connectivity, and mobility services. Denso says that its technologies are used in “almost all vehicles around the globe.” Clients include Toyota, Honda, General Motors, and Ford. Consolidated revenue in the 2020-2021 ...