Cybercriminals are finding new ways to trick people into compromising their own devices and accounts. One campaign used a sponsored ad on X to target Mac users, while another technique, dubbed ConsentFix, steals Microsoft 365 accounts without installing malware.
Researchers have discovered a ClickFix-style attack running as a sponsored advertisement on X. The ad was posted from a verified account, adding an extra layer of credibility to the scam.
ClickFix campaigns use convincing lures—historically fake “human verification” screens, and now a fake download for DynamicLake, a legitimate macOS utility that turns your MacBook’s notch into an unofficial but functional version of Apple’s Dynamic Island. This type of attack requires the user to paste a command from the clipboard, making it depend heavily on user interaction.
Read more…
Source: MalwareBytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Mitigating RBAC-Based Privilege Escalation in Popular Kubernetes Platforms
January 27, 2023
Prisma Cloud and Unit 42 recently released a report examining the use of powerful credentials in popular Kubernetes platforms, which found most platforms install privileged infrastructure components that could be abused for privilege escalation. Unit 42 happy to share that, as of today, all platforms mentioned in their report have addressed built-in node-to-admin privilege escalation. ...
- Ukraine: Sandworm hackers hit news agency with 5 data wipers
January 27, 2023
The Ukrainian Computer Emergency Response Team (CERT-UA) found a cocktail of five different data-wiping malware strains deployed on the network of the country’s national news agency (Ukrinform) on January 17th. “As of January 27, 2023, 5 samples of malicious programs (scripts) were detected, the functionality of which is aimed at violating the integrity and availability of ...
- Iranian and Russian hackers targeting politicians and journalists, warn UK officials
January 26, 2023
Iranian and Russian hackers are targeting British politicians and journalists with espionage attacks, officials have warned. The National Cyber Security Centre has issued a fresh alert about increasing attempts to steal information from specific groups and individuals. Read more… Source: BBC News
- Months after NSA disclosed Microsoft cert bug, datacenters remain unpatched
January 26, 2023
Most Windows-powered datacenter systems and applications remain vulnerable to a spoofing bug in CryptoAPI that was disclosed by the NSA and the UK National Cyber Security Center (NCSC) and patched by Microsoft last year, according to Akamai’s researchers. CryptoAPI helps developers secure Windows-based apps using cryptography; the API can be used, for instance, to validate certificates ...
- New Mimic Ransomware Abuses Everything APIs for its Encryption Process
January 26, 2023
Trend Micro researchers discovered a new ransomware that abuses the APIs of a legitimate tool called Everything, a Windows filename search engine developed by Voidtools that offers quick searching and real-time updates for minimal resource usage. This ransomware (which Trend Micro researchers named Mimic based on a string we found in its binaries), was first ...
- HHS: Ransomware groups continue to target U.S. health sector
January 25, 2023
The Royal and Blackcat ransomware groups continue to aggressively target the U.S. health sector, according to a recent advisory from the Department of Health and Human Services. Just this week, the Washington Post described an apparent recent attack by Blackcat on NextGen Healthcare, a company that provides electronic health record and practice management software to ...

