Cybercriminals are finding new ways to trick people into compromising their own devices and accounts. One campaign used a sponsored ad on X to target Mac users, while another technique, dubbed ConsentFix, steals Microsoft 365 accounts without installing malware.
Researchers have discovered a ClickFix-style attack running as a sponsored advertisement on X. The ad was posted from a verified account, adding an extra layer of credibility to the scam.
ClickFix campaigns use convincing lures—historically fake “human verification” screens, and now a fake download for DynamicLake, a legitimate macOS utility that turns your MacBook’s notch into an unofficial but functional version of Apple’s Dynamic Island. This type of attack requires the user to paste a command from the clipboard, making it depend heavily on user interaction.
Read more…
Source: MalwareBytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- A Blind Spot in ICS Security: The Protocol Gateway [Part 2] Vulnerability Allowing Stealth Attacks on Industrial Control Systems
September 14, 2020
A protocol gateway is a small network device, also called a protocol converter” or “IoT gateway.” It is similar to an “interpreter” in the digital word, and acts as a communications intermediary between different protocols. As the integration of networks accelerates with IoT, protocol conversion grows increasingly important. However, the security of protocol gateways has not ...
- Feds Warn Nation-State Hackers are Actively Exploiting Unpatched Microsoft Exchange, F5, VPN Bugs
September 14, 2020
The U.S. government is warning that Chinese threat actors have successfully compromised several government and private sector entities in recent months, by exploiting vulnerabilities in F5 BIG-IP devices, Citrix and Pulse Secure VPNs and Microsoft Exchange servers. Patches are currently available for all these flaws – and in some cases, have been available for over a ...
- Fairfax County schools hit by Maze ransomware, student data leaked
September 12, 2020
Fairfax County Public Schools (FCPS), the 10th largest school division in the US, was recently hit by ransomware according to an official statement published on Friday evening. The school district is also the largest in the Baltimore-Washington Metropolitan Area and it has a budget of $3.1 billion approved for 2021. FCPS has over 188,000 current students and ...
- Palo Alto Networks fixes critical flaw in PAN-OS firewall software
September 11, 2020
Palo Alto Networks has fixed a new critical vulnerability affecting multiple versions of PAN-OS, the operating system affecting its next-generation firewalls. The issue received the identification number CVE-2020-2040 and has a severity score of 9.8 out of 10 and requires no user interaction. An unauthenticated attacker can exploit it by sending a malicious request to specific ...
- APT28 Mounts Rapid, Large-Scale Theft of Office 365 Logins
September 11, 2020
The Russia-linked threat group known as APT28 has changed up its tactics to include Office 365 password-cracking and credential-harvesting. Microsoft researchers have tied APT28 (a.k.a. Strontium, Sofacy or Fancy Bear) to this newly uncovered pattern of O365 activity, which began in April and is ongoing. The attacks have been aimed mainly at U.S. and U.K. organizations ...
- Microsoft confirms Chinese, Iranian, and Russian cyber-attacks on Biden and Trump campaigns
September 10, 2020
Microsoft said today that Chinese, Iranian, and Russian state-sponsored hackers had tried to breach email accounts belonging to people associated with the Biden and Trump election campaigns. The “majority of these attacks” were detected and blocked, according to Tom Burt, Corporate Vice President for Customer Security & Trust at Microsoft. Burt disclosed the incidents in a blog ...

