Summary: The ClickFix campaign employs social engineering tactics to lure users into fraudulent Google Meet pages, ultimately delivering info-stealing malware for both Windows and macOS systems. This campaign has evolved significantly, utilizing various deceptive methods to target victims, particula…
Tag: MACOS
Summary: Microsoft has identified a macOS vulnerability, known as “HM Surf,” which allows attackers to bypass the Transparency, Consent, and Control (TCC) protections, potentially leading to unauthorized access to sensitive user data. Apple has released a fix for this vulnerability, CVE-2024-44133,…
Summary: An analysis by Zengo reveals a security flaw in WhatsApp that could expose users’ operating systems and device configurations, potentially allowing attackers to target vulnerabilities specific to those systems. This issue arises from how WhatsApp manages its multi-device setup and the metad…
ClickFix is a 2024-era social engineering tactic that uses fake error popups to trick users into executing malicious PowerShell code, enabling malware distribution on Windows and macOS. The campaigns tie to TA571 and groups such as Slavic Nation Empire (SNE) a…
Summary: A critical security vulnerability, CVE-2024-45720, has been discovered in Apache Subversion, affecting Windows platforms and allowing for command line argument injection that could lead to the execution of unintended programs. The vulnerability has been patched in Subversion 1.14.4, and use…
Discover how North Korean attackers, posing as recruiters, used an updated downloader and backdoor in a campaign targeting tech job seekers.
The post Contagious Interview: DPRK Threat Actors Lure Tech Industry Job Seekers to Install New Variants of BeaverTail and InvisibleFerret Malware appeared first on Unit 42….
Summary: Apple has issued updates for iOS and iPadOS to fix two significant security vulnerabilities, one allowing saved passwords to be read aloud by VoiceOver and another affecting audio capture on iPhone 16 models. Users are encouraged to update their devices to ensure protection against these is…
Malicious Google sponsored results disguised as software downloads lead to malware….
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Rhadamanthys Stealer Adds Innovative AI Feature in Version 0.7.0 Threat Actors leverage Docker…
Summary: Recent research has revealed that a set of four vulnerabilities in the Common Unix Printing System (CUPS) not only allows for remote code execution but also enables attackers to launch significant distributed denial-of-service (DDoS) attacks at minimal cost. Approximately 58,000 Internet-ex…
This article examines a suspicious PDF viewer application suspected of being linked to DPRK malware. It explores the detailed analysis of an application named “Dedicated PDF Viewer” and a corresponding PDF file. Although the viewer does not appear to be outrig…
Summary: The Rhadamanthys information stealer has introduced advanced features, including AI-driven optical character recognition for extracting cryptocurrency wallet seed phrases from images, making it a significant threat to cryptocurrency users. Despite facing bans from underground forums, its de…
Summary: RedTeam Pentesting GmbH has identified two critical vulnerabilities in WatchGuard’s Authentication Gateway and Single Sign-On Client software, which could affect numerous organizations. The vulnerabilities, CVE-2024-6592 and CVE-2024-6593, allow unauthorized access to sensitive user informa…
Summary: Recent cyber espionage campaigns linked to China have targeted U.S. internet service providers, with the Salt Typhoon operation focusing on intelligence gathering and potential disruptions. Investigations are ongoing to determine the extent of the breaches and whether critical infrastructur…
Summary: A recently patched vulnerability in OpenAI’s ChatGPT app for macOS, known as SpAIware, could have allowed attackers to implant persistent spyware in the app’s memory, facilitating continuous data exfiltration. This exploit leveraged the memory feature introduced by OpenAI, which retains inf…