Calendar Meeting Links Used to Spread Mac Malware

Credit to Author: BrianKrebs| Date: Wed, 28 Feb 2024 16:56:43 +0000

Malicious hackers are targeting people in the cryptocurrency space in attacks that start with a link added to the target’s account at Calendly, a popular free calendar application for scheduling appointments and meetings. The attackers impersonate established cryptocurrency investors and ask to schedule a video conference call. But clicking the meeting link provided by the scammers prompts the user to run a script that quietly installs malware on macOS systems.

Read more

CISA issues alert with South Korean government about DPRK’s ransomware antics

Categories: News

Categories: Ransomware

Tags: CISA

Tags: ransomware

Tags: Democratic People’s Republic of Korea

Tags: DPRK

Tags: North Korea

Tags: WannaCry

Tags: EternalBlue

Tags: Lazarus Group

Tags: APT

Tags: Magniber

Tags: Magnitude exploit kit

Tags: exploit kit

Tags: EK

Tags: Andariel

Tags: Silent Chollima

Tags: Stonefly

Tags: Maui

Tags: H0lyGh0st

Tags: PLUTONIUM

Tags: Conti

The tactics of North Korean-sponsored ransomware cyberattacks against the healthcare sector and other vital infrastructure are highlighted in the latest #StopRansomware alert.

(Read more…)

The post CISA issues alert with South Korean government about DPRK’s ransomware antics appeared first on Malwarebytes Labs.

Read more

A week in security (December 5 – 11)

Categories: News

Tags: Lock and Code S03E25

Tags: lock & code

Tags: lock and code

Tags: S03E25

Tags: Dustin Childs

Tags: Eufy

Tags: Snapchat

Tags: Apple

Tags: Apple AirTag

Tags: Google Chrome

Tags: V8 vulnerability

Tags: Hive

Tags: Facebook hoax

Tags: PayPal phish

Tags: Lazarus Group

Tags: SIM swapper

Tags: festive scam

Tags: holiday scams

Tags: Android vulnerability

Tags: Bluetooth

Tags: SaaS

Tags: SaaS best practices

Tags: Epic Games

Tags: Threat Intelligence Reports

The most interesting security related news from the week of December 5 to 11.

(Read more…)

The post A week in security (December 5 – 11) appeared first on Malwarebytes Labs.

Read more

CISA list of 95 new known exploited vulnerabilities raises questions

Credit to Author: Pieter Arntz| Date: Mon, 14 Mar 2022 11:18:33 +0000

When CISA decided to add 95 known exploited vulnerabilities to its catalog in one day, we decided to do some digging.

The post CISA list of 95 new known exploited vulnerabilities raises questions appeared first on Malwarebytes Labs.

Read more

December Patch Tuesday blunts WizardOpium attack chain

Credit to Author: John E Dunn| Date: Thu, 12 Dec 2019 10:42:32 +0000

December 2019’s Patch Tuesday updates are, including a fix for the Windows flaw used in recently discovered WizardOpium attacks.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/PoQEqUB0h3I” height=”1″ width=”1″ alt=””/>

Read more

Mac users targetted by Lazarus ‘fileless’ Trojan

Credit to Author: John E Dunn| Date: Fri, 06 Dec 2019 13:18:09 +0000

The Lazarus hacking group are trying to sneak a ‘fileless’ Trojan on to Apple computers, disguised as a fake cryptocurrency trading program.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/GN789RKuVrQ” height=”1″ width=”1″ alt=””/>

Read more

US Treasury targets North Korean hacking groups

Credit to Author: John E Dunn| Date: Tue, 17 Sep 2019 10:49:50 +0000

The US has formally sanctioned the Lazarus Group and offshoots Bluenoroff and Andariel, which are allegedly acting on behalf of the DPRK.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/8GcM-gDnzJI” height=”1″ width=”1″ alt=””/>

Read more