AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 11/24/2023

PSA: Watch out for these fake Safari and Chrome updates infecting Macs with AMOS 

A powerful new malware launched in early 2023 called Atomic macOS Stealer (AMOS) targets Apple users and has become a growing threat. Now, with the latest iteration of the malware, malicious parties are planting AMOS inside fake Safari and Chrome browser updates for Mac. We’ll cover how it works and how to avoid this threat. As a refresher, AMOS is a powerful piece of malware that, once installed on a victim’s machine, can steal iCloud Keychain passwords, credit card numbers, crypto wallets, files, and more. 


Fidelity National Financial shuts down network in wake of cybersecurity incident 

Fidelity National Financial, or FNF, a Fortune 500 company that provides title insurance and settlement services for the mortgage and real estate industries, announced on Tuesday that it was the victim of a “cybersecurity incident that impacted certain FNF systems.” The company filed a report with the Securities and Exchange Commission (SEC) saying that it has launched an investigation, hired “leading experts” to help, alerted law enforcement and “implemented certain measures to assess and contain the incident.” 


Industry piles in on North Korea for sustained rampage on software supply chains 

The national cybersecurity organizations of the UK and the Republic of Korea (ROK) have issued a joint advisory warning of an increased volume and sophistication of North Korean software supply chain attacks. South Korea’s National Intelligence Service (NIS) and the UK’s National Cyber Security Centre (NCSC) said they put out the advisory to raise awareness of the serious and growing threat targeting governments, financial institutions, and defense industry companies across the world. Zero-day and N-day vulnerabilities are being used increasingly alongside multiple exploits to achieve goals that align closely with the state “priorities” of North Korea, the pair said. 


Scammers Exploit Crypto Hype with Fake Token Factory, Stealing Millions 

The Check Point Research team has discovered a new type of scamming operation leveraging a fake token factory to steal millions of dollars from innocent users. Check Point’s Threat Intel blockchain system identified a malicious wallet address that has been involved in “blacklisted activities.” Researchers then started monitoring the activities linked with the wallet address and found that this address operated forty (40) different rug pulls, and so far, the scammers have stolen 1 million USD. The scam involves creating fake tokens, adding money to the liquidity pool to create a sense of legitimacy about these tokens, and arranging fake trades to make it appear as if genuine buying and selling were occurring.


HSBC down: Thousands face mobile and online banking outages 

HSBC has apologised as thousands of UK customers have reported they are unable to access mobile and online banking. Downdetector, which tracks websites, showed more than 4,100 people reported they could not access HSBC services. The problem comes on Black Friday, a day when many will make purchases due to the discounts offered by retailers. The bank said it was “really sorry for the inconvenience”, and told the BBC the disruption was due to “an internal system issue”. 
