Researchers at Microsoft have discovered links between a threat group tracked as DEV-0196 and an Israeli private-sector company, QuaDream, that sells a platform for exfiltrating data from mobile devices.
Follow Dark Reading:
 April 13, 2023
LATEST SECURITY NEWS & COMMENTARY
Microsoft: NSO Group-Like 'QuaDream' Actor Selling Mobile Spyware to Governments
Researchers at Microsoft have discovered links between a threat group tracked as DEV-0196 and an Israeli private-sector company, QuaDream, that sells a platform for exfiltrating data from mobile devices.
Lazarus Group's 'DeathNote' Cluster Pivots to Defense Sector
Usually focused on going after cryptocurrency organizations, the threat actor has begun targeting defense companies around the world.
1M+ WordPress Sites Hacked via Zero-Day Plug-in Bugs
A wide-ranging campaign to inject malicious code into WordPress-run websites has been ongoing for at least five years.
FBI & FCC Warn on 'Juice Jacking' at Public Chargers, but What's the Risk?
Hackers can compromise public charging hubs to steal data, install malware on phones, and more, threatening individuals and businesses alike.
LastPass Breach Reveals Important Lessons
Devastating cyberattacks often can be prevented with basic cybersecurity measures.
Data on 400K Kodi Forum Members Stolen and Put Up for Sale
Open source media player Kodi still hasn't recovered its forum and plans to redeploy it on a new server with software update.
Gartner: Human-Centric Design Is Top Cybersecurity Trend for 2023
In order to reduce cybersecurity risks and failures, organizations will need to focus on employees, management, and new operating models.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Microsoft Patches 97 CVEs, Including Zero-Day & Wormable Bugs
The April 2023 Patch Tuesday security update also included a reissue of a fix for a 10-year-old bug that a threat actor recently exploited in the supply chain attack on 3CX.

How Password Managers Can Get Hacked
Password managers aren't foolproof, but they do help mitigate risks from weak credentials and password reuse. Following best practices can contribute to a company's defenses.

Where Are the Women? Making Cybersecurity More Inclusive
Stepped-up recruiting efforts along with better work-life balance policies and mentoring and recruitment programs will help balance the scales.

MORE
EDITORS' CHOICE
7 Things Your Ransomware Response Playbook Is Likely Missing
Incident response experts share their secrets for success when it comes to creating a professional-grade ransomware response playbook. Are you ready for the worst?
LATEST FROM THE EDGE

When Banking Laws Don't Protect Consumers From Cybertheft
If attackers use your stolen login information or set up wire transfers, you might be out of luck.
LATEST FROM DR TECHNOLOGY

Google Tackles Open Source Security With New Dependency Service
With deps.dev API and Assured OSS, Google is addressing the common challenges software developers face in securing the software supply chain.
WEBINARS
  • How to Launch a Threat Hunting Program

    Security teams need to be more proactive about finding threats before they can cause too much damage. How do these enterprises build threat hunting programs? What stakeholders needs to be involved? What skills are necessary for the threat hunting team? ...

  • How Supply Chain Attacks Work -- And What You Can Do to Stop Them

    Supply chain attacks made headlines in 2022, sending shockwaves through the industry as security and business leaders scrambled to reexamine the security of their own supply chains. In this webinar, experts talk through the stages of a supply chain attack and ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
Menlo Security Illustrates Importance of Browser Security as 4 in 5 Ransomware Attacks Include Threats Beyond Data Encryption
VulnCheck Named CVE Numbering Authority for Common Vulnerabilities and Exposures
(ISC)² Certified in Cybersecurity Earns ANAB Accreditation to ISO 17024 and Surpasses 15,000 Certification Holders
Opera Adds Free VPN to Opera for iOS
Report Reveals ChatGPT Already Involved in Data Leaks, Phishing Scams & Malware Infections
MORE PRODUCTS & RELEASES
CURRENT ISSUE

The 10 Most Impactful Types of Vulnerabilities for Enterprises Today
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us