CyberWire Daily

NotLockBit takes a bite out of macOS.

Oct 23, 2024

Jérôme Segura, Sr. Director of Research at Malwarebytes, shares insights on the alarming rise of NotLockBit, a new macOS malware mimicking LockBit tactics. He discusses how scammers are exploiting platforms like GitHub to advertise fake AppleCare+ services, highlighting vulnerabilities associated with mobile apps. The conversation sheds light on the accountability of tech firms in the face of increased privacy violations and examines the federal government’s push for better information sharing in cybersecurity. It's a must-listen for anyone concerned about modern digital threats!

37:02

Creator website

Episode guests

Jérôme Segura

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

The emergence of NotLockbit ransomware targeting macOS exemplifies the growing threat landscape as attackers leverage advanced tactics for data exfiltration.

Recent vulnerabilities in popular mobile apps highlight the urgent need for developers to prioritize secure coding practices to prevent unauthorized data access.

Deep dives

Emerging Threats: NotLockbit Ransomware

A new macOS malware called NotLockbit has emerged, mimicking the infamous Lockbit ransomware while targeting both Windows and macOS. This ransomware employs standard tactics such as data theft and file encryption, ensuring only the attacker can decrypt the files using RSA encryption. NotLockbit also utilizes hard-coded AWS credentials for data exfiltration, sending victim data to an Amazon S3 bucket. Researchers warn that this malware is still actively being developed, indicating the potential for future threats from this adversary.

Intro

3min

Cybersecurity Threats and Accountability

9min

Cybersecurity and Trust in Information Sharing

6min

Scamming the Search: Navigating Mobile Threats

8min

Surveillance and Privacy: The Challenges of Modern IT Security

6min

NotLockBit mimics its namesake while targeting macOS. Symantec uncovers popular mobile apps with hardcoded credentials. Avast releases a Mallox ransomware decryptor. Akira ransomware reverts to tactics tried and true. Lawmakers ask the DOJ to prosecute tax prep firms for privacy violations. The SEC levies fines for misleading disclosures following the SolarWinds breach. Software liability remains a sticky issue. Updated guidance reiterates the feds’ commitment to the Traffic Light Protocol. A task force has cybersecurity recommendations for the next U.S. president. Today’s guest is Jérôme Segura, Sr. Director of Research at Malwarebytes, sharing their work on "Scammers advertise fake AppleCare+ service via GitHub repos." Warrantless surveillance, powered by your favorite apps.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today’s guest is Jérôme Segura, Sr. Director of Research at Malwarebytes, sharing their work on "Scammers advertise fake AppleCare+ service via GitHub repos." You can learn more about this research here.

Selected Reading

NotLockBit Ransomware Can Target macOS Devices (SecurityWeek)

Millions of iOS and Android Users at Risk as Popular Apps Expose Cloud Keys (Hackread)

Mallox Ransomware Flaw Let Victims Recover Files Without Ransom Payment (Cyber Security News)

Akira ransomware pivots back to double extortion, C++ code (SC Media)

Lawmakers ask DOJ to prosecute tax prep firms for sharing customer data with big tech (The Record)

SEC fines four companies $7M for 'misleading cyber disclosures' regarding SolarWinds hack (TechCrunch)

The struggle for software liability: Inside a ‘very, very, very hard problem’ (The Record)

US Government Pledges to Cyber Threat Sharing Via TLP Protocol (Infosecurity Magazine)

Task force unveils cyber recommendations for the next president (CyberScoop)

The Global Surveillance Free-for-All in Mobile Ad Data (Krebs on Security)

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

CyberWire Daily

NotLockBit takes a bite out of macOS.

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Emerging Threats: NotLockbit Ransomware

Security Flaws in Mobile Apps

Corporate Accountability and Software Liability

CyberWire Guest

Selected Reading

Share your feedback.

Want to hear your company in the show?

Remember Everything You Learn from Podcasts