Q: What sort of threats are you seeing right now? “Infostealer malware remains the single biggest threat to macOS right now. These stealers trick users into running them through convincing fake websites and social engineering, then exfiltrate as many credentials and secrets as possible for the attacker to use, sell, or trade on the dark web.
“Apple regularly ships new protections, and attackers just as regularly adapt their social engineering to stay ahead of them. Techniques like ClickFix, where users are tricked into pasting and running malicious commands themselves, have become especially effective because they bypass many protections entirely by getting the user to do the work. Beyond that, supply chain attacks are growing at an alarming rate, with attackers compromising developer libraries that get pulled into internal or production projects, quietly introducing backdoors without the creator’s knowledge.”
Q: What about the manufacturing sector? Is there any excuse to use legacy kit at all in an AI threat age? “AI-generated threats won’t necessarily be different than traditional ones, but they will stress the seams of traditional security programs that will need to have improved visibility at scale and be able to work at a new kind of speed and agility from start to finish.”

