You are currently viewing Apple users should update Zoom—and beware of fake Coinbase job postings

Apple users should update Zoom—and beware of fake Coinbase job postings

Bad apples have given iPhone, Mac, and iPad users more reason to worry.

AppleAAPL,
-1.21%
shared two security reports this week warning of serious vulnerabilities in some of its devices, which could allow attackers to take full control of iPhones, iPads and Macs.

Users have been urged to update affected devices, including: iPhone 6S and later; 5th generation iPad and several later models, as well as all iPad Pro models and the iPad Air 2; Mac computers running macOS Monterey; and some iPod models. The vulnerability also extends to Apple’s Safari browser on its Big Sur and Catalina operating systems, the company added in another update. Get all the latest software updates for your Apple devices here.

Read more: Update your devices: Apple reveals serious security vulnerabilities for iPhone, iPad and Mac

On Friday morning, however, several specific vulnerabilities targeting Mac operating software were trending among real-time Google searches, including a hole in Zoom’s ZM,
-3.60%
security, as well as fraudulent job postings on Coinbase.

The Zoom exploit was reported by Patrick Wardle of the nonprofit organization Objective-See, which creates open-source macOS security tools. Wardle shared his findings at last week’s DefCon hacking and security conference. He was able to exploit Zoom’s automatic updater to gain access to someone’s Mac. Zoom therefore released an update in response – update 5.11.5 (9880) – but some testers were able to circumvent it anyway. So Zoom released a second patch — update 5.11.6 (9098) — which is now available.

Zoom shared on its security updates page that users can protect themselves by applying current updates or downloading the latest Zoom software with all current security updates from zoom.us/download.

Some Apple users have also reportedly been targeted by Lazarus, the North Korean state-sponsored hacking group, which hit Apple and Intel INTC,
-2.54%
-macOS malware-based systems disguised as fake IT job postings from the Coinbase COIN cryptocurrency platform,
-10.17%.

Opinion: Cyberattacks against national security targets will never stop. That’s why going analog is part of the solution

The cyber espionage campaign targets blockchain developers via LinkedIn and other platforms with a fake job posting, TechRadar reported. Then, after a few rounds of “talks”, the attacker sends the victim what appears to be a PDF with job details, but it is actually malware.

Security researchers from ESET Research Labs reported the malware on Twitter this week. They warned that it removes three files: the FinderFontsUpdater.app bundle, the safarifontagent downloader, and a decoy PDF called Coinbase_online_careers_2022_07.pdf.

Coinbase has tips for avoiding cryptocurrency scams here, such as never giving anyone remote access to your device and contacting Coinbase only using the phone number listed at help.coinbase.com/ or by email at help.coinbase.com/contact-us.

The US government sanctioned the Lazarus Group and two other “malicious North Korean state-sponsored cybergroups” in 2019, noting that Lazarus targets government, military, financial, media and publishing institutions. Lazarus was implicated in the global WannaCry 2.0 ransomware attack in 2017, which caused billions of dollars in damage to more than 300,000 computers in 150 countries.

Leave a Reply