Pirated Final Cut Pro for macOS Offers Stealth Malware Delivery

The number of people who have made the weaponized software available for sharing via torrent suggests that many unsuspecting victims may have downloaded the XMRig coin miner. [TechWeb]( Follow Dark Reading: [RSS]( February 24, 2023 LATEST SECURITY NEWS & COMMENTARY [Pirated Final Cut Pro for macOS Offers Stealth Malware Delivery]( The number of people who have made the weaponized software available for sharing via torrent suggests that many unsuspecting victims may have downloaded the XMRig coin miner. [Hydrochasma Threat Group Bombards Targets With Slew of Commodity Malware, Tools]( A previously unidentified threat group uses open source malware and phishing to conduct cyber-espionage on shipping and medical labs associated with COVID-19 treatments and vaccines. [Unanswered Questions Cloud the Recent Targeting of an Asian Research Org]( A novel threat group, utilizing new malware, is out in the wild. But the who, what, where, and why are yet to be determined, and there's evidence of a false-flag operation. [Wiper Malware Surges Ahead, Spiking 53% in 3 Months]( Cybercriminals and hacktivists have joined state-backed actors in using sabotage-bent malware in destructive attacks, new report shows. [Why Are My Employees Integrating With So Many Unsanctioned SaaS Apps?]( Before adopting SaaS apps, companies should set security guardrails to vet new vendors and check security integration for misconfiguration risks. [This Will Be the Year of the SBOM, for Better or for Worse]( Sharing attestations on software supply chain data that are formed into a policy will give us a framework to interpret risk and develop compliance directives. [Top Takeaways From CloudNativeSecurityCon 2023]( CloudNativeSecurityCon North America 2023 was a vendor-neutral cloud-native security conference. Here's why it was important. [Cyberattack on Dole Causes Temporary Salad Shortage]( The produce company said it suffered a ransomware attack earlier this month. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Scammers Mimic ChatGPT to Steal Business Credentials]( Hackers will take anything newsworthy and turn it against you, including the world's most advanced AI-enabled chatbot. [7 Tips for Mitigating Cyber-Risks to Your Corporate Social Media]( How to stay safe, even when tech-savvy admins can't tell the difference between a scam and the truth. [Headwinds Don't Have to Be a Drag on Your Security Effectiveness]( Despite increased threats, an uncertain economy, and increasing automation, your organization can still thrive. [MORE]( EDITORS' CHOICE [1 in 4 CISOs Wants to Say Sayonara to Security]( Thanks to burnout and stress, Gartner predicts churn and even departure from profession among half of today's security leaders by 2025. LATEST FROM THE EDGE [Cris Thomas: Space Rogue, From L0pht Hacker to IBM Security Influencer]( Security Pro File: The old-school hacker traces a path from young hardware tinkerer to senior cybersecurity executive. LATEST FROM DR TECHNOLOGY [87% of Container Images in Production Have Critical or High-Severity Vulnerabilities]( At the inaugural CloudNativeSecurityCon, DevSecOps practitioners discussed how to shore up the software supply chain. WEBINARS - [How Firewalls Fit With Modern Enterprise Security]( With all the focus on the newest security technologies, it is easy to forget that the firewall is still an important part of the enterprise security strategy. In this webinar, experts offer a look at some of the most common ... - [Ten Emerging Vulnerabilities Every Enterprise Should Know]( Every day, black hat attackers and white hat researchers are discovering new security vulnerabilities in widely-used systems and applications that might be exploited to compromise your data. Are you aware of the newest - and potentially most impactful - vulnerabilities ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [Enable and Protect Your Remote Workforce]( - [Evaluator's Guide for Managed Detection and Response (MDR) Services]( - [IT/OT Security Platform Navigator 2022]( - [IT/OT Convergence Enables Security Operations Synergies]( - [The 4 Major Safety Checks Needed to Launch Your ASM Program into Orbit]( - [State of Enterprise Cybersecurity: Invest Now, or Pay Big Later]( - [The 2022 State of Cloud Security Report]( [View More White Papers >>]( FEATURED REPORTS - [The Promise and Reality of Cloud Security]( Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ... - [10 Hot Talks From Black Hat USA 2022]( Black Hat USA brings together cutting-edge research, new security tools, and sophisticated defensive techniques over the course of two days. There were some recurring themes across the sessions, and many of these topics are going to be important issues to ... - [How Machine Learning, AI & Deep Learning Improve Cybersecurity]( [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Linux Foundation Europe Announces Formation of OpenWallet Foundation]( [Forsage Founders Indicted in $340M DeFi Crypto Scheme]( [UL Solutions Issues Automotive Cybersecurity Assurance Program Certificate to LG Innotek]( [AUVSI Launches Green UAS Cybersecurity Certification Program For Commercial Drones]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [The Promise and Reality of Cloud Security]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)