The campaign, which uses the Apple Developer Program and Enterprise Signatures to get past Apple’s app review process, remains active.
Source: Read More (Threatpost)
You might be interested in …
[TheRecord] New CPU side-channel attack takes aim at Chrome’s Site Isolation feature
A team of academics from universities in Australia, Israel, and the US has successfully mounted CPU side-channel attacks that recover data from Google Chrome and Chromium-based browsers protected by the Site Isolation feature. Named Spook.js, the discovery is related to the Meltdown and Spectre attacks disclosed in January 2018, two CPU design flaws that could allow malicious code running on […]
[SecurityWeek] Bridging the Gap Between Training and Behavior
While employees want to do the right thing when it comes to protecting their organization from cyber threats, we cannot expect them to be perfect read more Source: Read More (SecurityWeek RSS Feed)
[HackerNews] Chinese Hackers Caught Stealing Intellectual Property from Multinational Companies
An elusive and sophisticated cyberespionage campaign orchestrated by the China-backed Winnti group has managed to fly under the radar since at least 2019. Dubbed “Operation CuckooBees” by Israeli cybersecurity company Cybereason, the massive intellectual property theft operation enabled the threat actor to exfiltrate hundreds of gigabytes of information. Targets included technology and Source: Read More […]