New malware to worry about:
https://www.uptycs.com/blog/macstealer-command-and-control-c2-malware
Uptycs recommends the following measures and actions:
- Keep your Mac systems up-to-date with the latest updates and patches
- Only permit the installation of files from trusted sources that allow ‘App Store’ or ‘App store and identified developers.’
In Ventura (13.3), "App Store" and "App Store and identified developers" are the only two settings under Security, but it looks like there is a way to run unsigned apps anyway under the "Developer" section?
I am thinking of adding a block for "weed.app" in JAMF - Restricted Software. I didn't see a confirmation that weed.app is the process name, so that is a bit of a guess.
