New Password Stealer Spoofs Apple, Google And Microsoft In 1 Attack

Just because you use macOS does not mean you are off of cybercriminals’ radar. One particularly clever new threat, a variant of an already well-known and dangerous password stealer, has been found to change disguises at every stage of the infection chain. Security researchers have now warned that it uses a payload hosted on a typo-squatted Microsoft domain, is delivered as an Apple security update, and even adds persistence to the exploit mix via a spoofed Google Software Update directory. Here’s what you need to know about the latest SHub Reaper multi-stage attack chain.

ForbesSeniors Targeted—FBI Issues Cyber Attack Advice For The Over 60sBy Davey Winder