The North Korean group Kimsuky is employing a social engineering tactic called “ClickFix” to distribute malware to South Korean targets. The strategy tricks users into copying and pasting a malicious PowerShell script by promising to fix webpage or document display issues. Previously used to infest a variety of infostealers and dropper malware, the ploy has evolved to include spear-phishing emails with instructions to register the user’s device, leading to data exfiltration.
Exploring healthcare’s third-party risk management gaps
A Ponemon Institute and Imprivata survey revealed that just 36% of health IT respondents’ organisations consistently apply strategies addressing privileged access risks. Moreover, 47% of
