Cybercriminals are finding new ways to trick people into compromising their own devices and accounts. One campaign used a sponsored ad on X to target Mac users, while another technique, dubbed ConsentFix, steals Microsoft 365 accounts without installing malware.
Researchers have discovered a ClickFix-style attack running as a sponsored advertisement on X. The ad was posted from a verified account, adding an extra layer of credibility to the scam.
ClickFix campaigns use convincing lures—historically fake “human verification” screens, and now a fake download for DynamicLake, a legitimate macOS utility that turns your MacBook’s notch into an unofficial but functional version of Apple’s Dynamic Island. This type of attack requires the user to paste a command from the clipboard, making it depend heavily on user interaction.
Read more…
Source: MalwareBytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Cyber attack hits electronics firm Volex
October 9, 2023
A cyber attack has hit electronic manufacturer Volex, opening the door to unauthorised access to some of its IT systems. The AIM-listed British company said it is not expecting any “material” financial impact from the incident but shares dropped over four per cent on Monday morning. After discovering the breach of certain IT systems and data ...
- India Space Agency fights 100 cyber hacking bids daily
October 8, 2023
India’s space agency Isro is facing more than 100 cyber-hacking attempts on a daily basis, disclosed its chairman S Somanath on Sunday. Speaking to TOI, Somanath said, “It is not only Isro, but several other systems (of other organisations) that face hundreds of cyber (hacking) attempts. But such attempts have been stopped by our several ...
- 23andMe user data breached in credential-stuffing attack
October 7, 2023
Biotech company 23andMe, known for its DNA testing kits, said the leak occurred through a credential-stuffing attack. A credential-stuffing attack involves user information that has already been compromised (usernames and passwords, for example) from one organization, which a hacker obtains and attempts to reuse with a second organization — in this case, 23andMe. Because of the ...
- Qakbot-affiliated actors distribute Ransom Knight malware despite infrastructure takedown
October 5, 2023
In a late August 2023 operation involving the FBI and many international partners, law enforcement agencies seized the infrastructure and cryptocurrency assets used by the Qakbot malware, dealing considerable damage to the group’s operations. Many people in the security industry wondered whether this would mean that the Qakbot affiliates were gone forever or just temporarily ...
- CISA Releases Three Industrial Control Systems Advisories
October 5, 2023
CISA released three Industrial Control Systems (ICS) advisories on October 5, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-278-01 Hitachi Energy AFS65x, AFF66x, AFS67x, and AFR67x Series Products ICSA-23-278-02 Qognify NiceVision Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency Related: CISA Adds Two Known Exploited Vulnerabilities to Catalog, Removes Five KEVs
- NSA and CISA Release Advisory on Top Ten Cybersecurity Misconfigurations
October 5, 2023
Today, the National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) released a joint cybersecurity advisory (CSA), NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations, which provides the most common cybersecurity misconfigurations in large organizations, and details the tactics, techniques, and procedures (TTPs) actors use to exploit these misconfigurations. The ...

