North Korean state-sponsored threat actors are targeting macOS users with new malware, utilizing a strategy that combines two popular approaches – fake job ads, and ClickFix, experts have warned.
Security researchers Jamf confirmed they have spotted attacks in the wild using ClickFix, an attack method in which the victim is presented with a fake problem, and at the same time, presented with a fix. It is an evolution of the old “You have a virus” popup that dominated the internet in the early 2000’s. Jamf says ‘DPRK-aligned operators’ from the FlexibleFerret malware family have been creating fake companies, fake LinkedIn profiles and, most importantly – fake job ads, as part of a wider campaign called Contagious Interview.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Security Risks with Private 5G in Manufacturing Companies Part. 2
October 15, 2021
The steel industry is a prime area for installing Private 5G Private 5G is said to bring about the “democratization of communications.” This technology allows private companies and local governments to take the driving seat in operating the latest information communication systems. However, not all organizations have the knowledge and ability to deal with telecom technology, ...
- TrickBot Gang Enters Cybercrime Elite with Fresh Affiliates
October 15, 2021
The cybercriminals behind the infamous TrickBot trojan have signed two additional distribution affiliates, dubbed Hive0106 (aka TA551) and Hive0107 by IBM X-Force. The result? Escalating ransomware hits on corporations, especially using the Conti ransomware. The development also speaks to the TrickBot gang’s increasing sophistication and standing in the cybercrime underground, IBM researchers said: “This latest development ...
- New Yanluowang ransomware used in targeted attacks
October 14, 2021
The Symantec Threat Hunter Team, a part of Broadcom Software, has uncovered what appears to be a new ransomware threat called Yanluowang that is being used in targeted attacks. In a recent attempted ransomware attack against a large organization, Symantec obtained a number of malicious files that, upon further investigation, revealed the threat to be a ...
- Attackers Are Taking Advantage of the Open-Source Service Interactsh for Malicious Purposes
October 14, 2021
Recently, Unit 42 has observed active exploits related to an open-source service called Interactsh. This tool can generate specific domain names to help its users test whether an exploit is successful. It can be used by researchers – but also by attackers – to validate vulnerabilities via real-time monitoring on the trace path for the ...
- Secure Manufacturing on Cloud, Edge and 5G
October 13, 2021
Global manufacturers need to digitize their manufacturing processes and transform their business into a digital enterprise. Digital manufacturing is an advancement that many businesses have been using, with 60% of factories already using the cloud (87% including businesses who will soon implement it) and 26% with Private 5G already implemented (67% including enterprises who will ...
- Israeli hospital targeted by ransomware attack
October 13, 2021
The Hillel Yaffe Medical Center in Hadera has been targeted by a ransomware attack that affected the computer systems of the hospital, the medical center announced on Wednesday. The attack occurred without any prior warning. Since the attack, the hospital has using alternate systems in the meantime while treating patients. The hospital is operating as normal, ...