"Sapphire Sleet achieves a highly reliable infection chain that lowers operational friction and increases the likelihood of successful compromise - posing an elevated risk to organisations and individuals involved in cryptocurrency, digital assets, finance, and similar high‑value targets that Sapphire Sleet is known to target."
"This particular campaign demonstrated some new combinations of macOS-focused techniques that, though not novel in and of themselves, come as something of a surprise from a threat actor like Sapphire Sleet."
A North Korean social engineering campaign, attributed to the threat actor Sapphire Sleet, targeted macOS users by impersonating software updates. Victims were tricked into executing malicious files, resulting in the theft of credentials, cryptocurrency, and personal data. The campaign shifted from exploiting software vulnerabilities to user-initiated attacks, bypassing macOS protections. This approach increases the likelihood of successful compromises, particularly affecting organizations and individuals in high-value sectors like finance and cryptocurrency. Microsoft reported the threat to Apple as part of responsible disclosure.
Read at ComputerWeekly.com
Unable to calculate read time
Collection
[
|
...
]