macOS Malware & PetitPotam: Cybersecurity News for the Week of—07/29/21
Posted by: GuidePoint Security
Published 08/05/2021, 9:30am
Malware and bugs affecting MacOS featured prominently in the news last week with several new threats related to credential theft and zero-days. The Windows-based relay attack dubbed PetitPotam also created concerns among security researchers. And a nation-state threat actor group known as Praying Mantis was discovered using custom malware to attack major public and private organizations.
- macOS malware and bugs: XCSSET warnings and zero-day patches
- PetitPotam relay attack targeting Windows domains
- Nation-state threat actor ‘Praying Mantis’ attacking organizations
Final Words
State-sponsored cyberattacks are a significant and growing threat to U.S. businesses. While security researchers did not indicate which country was behind the Praying Mantis attacks discussed in this week’s blog, research suggests that 77% of all state-sponsored cyberattack operations originate in China, Russia, Iran and North Korea.
While spying and espionage have always been part of a nation’s intelligence-gathering process, countries like China, Russia, Iran and North Korea have taken state-sponsored espionage to a new level by supporting, endorsing, and financing criminal acts that severely hinder and destroy critical business activity.
To protect from all types of attacks, including those initiated by nation-state threat actors, organizations are reminded to secure all sensitive information and data that can be monetized. In addition, businesses operating in aerospace, defense, IT, health care, finance, biomedical research, and media, as well as utility companies, universities, and think tanks, are reminded that they are the most common and attractive targets for nation-state attacks.
There is no easy answer to this increasingly dangerous situation, given the complexity of the issue. However, it is critical for governments, businesses, and cybersecurity professionals to continue communicating and collaborating on the best ways to stop state-sponsored cybercrime and espionage.
GuidePoint Security