Earlier this month, Germany and South Korea issued a joint cybersecurity advisory warning about an advanced persistent threat (APT) group that’s been working out of North Korea since 2012 and which recently attempted to cajole spear-phishing targets into installing a malicious Chrome extension — called “AF” — that steals Gmail messages. 

*** This is a Security Bloggers Network syndicated blog from AppSec Observer authored by Lisa Vaas, Senior Content Marketing Manager, Contrast Security. Read the original post at: https://www.contrastsecurity.com/security-influencers/dont-expect-users-to-avoid-malicious-attachments-and-dangerous-permissions-contrast-security