The Lazarus Group is utilizing a new macOS trojan malware known as RustyAttr, which uses an advanced method of hiding malicious code in the extended attributes of files. RustyAttr can exploit without detection, embedding its payload in these attributes. The Lazarus Group craftily uses a benign-looking application to distract users and execute the harmful script. Cybersecurity specialists advise users to be cautious with file sources and unsolicited PDFs and prompt regular updates and robust threat detection strategies.
Microsoft Power Pages misconfigs exposing sensitive data • The Register
Private businesses and public-sector organizations are unwittingly exposing millions of people’s sensitive information to the public internet because they misconfigure Microsoft’s Power Pages website creation
