News

Boeing Lockbit ransomware attack, Apple’s vulnerability and WhatsApp mods spyware

Dan Virgillito
November 6, 2023 by
Dan Virgillito

Boeing confirms ransomware attack by Lockbit gang, researchers spot WhatsApp mods with dangerous spyware and Apple’s "Find My" network vulnerability. Catch all this and more in this week’s edition of Cybersecurity Weekly.

Phishing simulations & training

Phishing simulations & training

Build the knowledge and skills to stay cyber secure at work and home with 2,000+ security awareness resources. Unlock the right subscription plan for you.

1. Boeing confirms ransomware attack after Lockbit Gang’s revelations  

Boeing has confirmed it was hit with a cyberattack after the LockBit ransomware gang claimed responsibility. Jim Proulx, the company's spokesperson, stated the attack targeted Boeing distribution operations but assured it does not compromise flight safety. The confirmation follows LockBit's threat to release Boeing's data if a ransom was not paid. Boeing has not disclosed whether it has entered into ransom negotiations or if it complied with the demand.

Read more »

2. Researchers spot multiple WhatsApp mods with CanesSpy Spyware

Kaspersky researchers have uncovered several WhatsApp mods containing the CanesSpy spyware. This malicious module stealthily harvests device information and transmits it to a command-and-control server. It activates with common phone events, like charging, putting personal data at constant risk. Users in multiple countries have been affected, prompting a strong recommendation to use only official apps for communication.

Read more »

3. Apple’s ‘Find My’ network vulnerability makes it prone to keylogger abuse

Apple's "Find My" network has a vulnerability that keyloggers in keyboards can exploit to access sensitive data. Designed to locate Apple devices, the network can be hijacked to transmit arbitrary data via Bluetooth. Researchers showcased this by integrating a keylogger with a Bluetooth transmitter, revealing a stealthy data theft method using Apple's extensive location-sharing system. This technique eludes Apple's anti-tracking features, posing a significant security risk to the "Find My" service.

Read more »

4. New ‘KandyKorn’ macOS malware targets blockchain community and engineers

Elastic Security recently uncovered macOS malware linked to North Korea's Lazarus group. Dubbed KandyKorn, it targets cryptocurrency exchange engineers via Discord. Victims are tricked into downloading a malicious 'Cross-platform Bridges.zip' file. Inside, a Python script triggers a chain ending in the KandyKorn payload, which stealthily operates to steal data. This discovery highlights Lazarus' focus on financial theft and its sophisticated approach to targeting macOS systems.

Read more »

5. Researchers uncover massive URL shortening service run by cybercriminals

Infoblox revealed last week that a threat actor known as Prolific Puma has been running a link-shortening service for cybercriminals. Over the past four years, this service has secretly registered thousands of US domains to enable phishing and malware attacks. The source also found that Prolific Puma has facilitated a range of cybercrimes while cleverly avoiding detection via tactics like aging domains and Bitcoin payments.

Read more »

See Infosec IQ in action

See Infosec IQ in action

From gamified security awareness to award-winning training, phishing simulations, culture assessments and more, we want to show you what makes Infosec IQ an industry leader.

Dan Virgillito
Dan Virgillito

Dan Virgillito is a blogger and content strategist with experience in cyber security, social media and tech news.