Microsoft: NSO Group-Like 'QuaDream' Actor Selling Mobile Spyware to Governments

Klicken Sie hier, um Informationweek.com zu abonnieren

Kategorien: Dienstleistungen | Professionals Geschäftswaren Finanziell Kantoor Marketing Einzelhandel Einzelhandel Industrie Machines Alter: 14 - 18 Jahr 19 - 30 Jahr 31 - 64 Jahre

Laden...

1 jahr vor

Html
Text

Researchers at Microsoft have discovered links between a threat group tracked as DEV-0196 and an Israeli private-sector company, QuaDream, that sells a platform for exfiltrating data from mobile devices.

Follow Dark Reading:

April 13, 2023

LATEST SECURITY NEWS & COMMENTARY

Microsoft: NSO Group-Like 'QuaDream' Actor Selling Mobile Spyware to Governments Researchers at Microsoft have discovered links between a threat group tracked as DEV-0196 and an Israeli private-sector company, QuaDream, that sells a platform for exfiltrating data from mobile devices. Lazarus Group's 'DeathNote' Cluster Pivots to Defense Sector Usually focused on going after cryptocurrency organizations, the threat actor has begun targeting defense companies around the world. 1M+ WordPress Sites Hacked via Zero-Day Plug-in Bugs A wide-ranging campaign to inject malicious code into WordPress-run websites has been ongoing for at least five years. FBI & FCC Warn on 'Juice Jacking' at Public Chargers, but What's the Risk? Hackers can compromise public charging hubs to steal data, install malware on phones, and more, threatening individuals and businesses alike. LastPass Breach Reveals Important Lessons Devastating cyberattacks often can be prevented with basic cybersecurity measures. Data on 400K Kodi Forum Members Stolen and Put Up for Sale Open source media player Kodi still hasn't recovered its forum and plans to redeploy it on a new server with software update. Gartner: Human-Centric Design Is Top Cybersecurity Trend for 2023 In order to reduce cybersecurity risks and failures, organizations will need to focus on employees, management, and new operating models. MORE NEWS / MORE COMMENTARY


HOT TOPICS
Microsoft Patches 97 CVEs, Including Zero-Day & Wormable Bugs The April 2023 Patch Tuesday security update also included a reissue of a fix for a 10-year-old bug that a threat actor recently exploited in the supply chain attack on 3CX. How Password Managers Can Get Hacked Password managers aren't foolproof, but they do help mitigate risks from weak credentials and password reuse. Following best practices can contribute to a company's defenses. Where Are the Women? Making Cybersecurity More Inclusive Stepped-up recruiting efforts along with better work-life balance policies and mentoring and recruitment programs will help balance the scales. MORE

EDITORS' CHOICE

7 Things Your Ransomware Response Playbook Is Likely Missing Incident response experts share their secrets for success when it comes to creating a professional-grade ransomware response playbook. Are you ready for the worst? LATEST FROM THE EDGE
When Banking Laws Don't Protect Consumers From Cybertheft If attackers use your stolen login information or set up wire transfers, you might be out of luck. LATEST FROM DR TECHNOLOGY
Google Tackles Open Source Security With New Dependency Service With deps.dev API and Assured OSS, Google is addressing the common challenges software developers face in securing the software supply chain.

WEBINARS

How to Launch a Threat Hunting Program

Security teams need to be more proactive about finding threats before they can cause too much damage. How do these enterprises build threat hunting programs? What stakeholders needs to be involved? What skills are necessary for the threat hunting team? ...

How Supply Chain Attacks Work -- And What You Can Do to Stop Them

Supply chain attacks made headlines in 2022, sending shockwaves through the industry as security and business leaders scrambled to reexamine the security of their own supply chains. In this webinar, experts talk through the stages of a supply chain attack and ...

View More Dark Reading Webinars >>

WHITE PAPERS

The Essential Guide to Secure Web Gateway The Relationship Between Security Maturity and Business Enablement Making Cybersecurity Mesh a Reality How to Simplify Security with a Cybersecurity Mesh Architecture Unit 42 Retainer 2022 Unit 42 Incident Response Report The CISOs Report: Perspectives, Challenges, and Plans for 2022 and Beyond

View More White Papers >>

FEATURED REPORTS

The Promise and Reality of Cloud Security

Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ...

10 Hot Talks From Black Hat USA 2022

Black Hat USA brings together cutting-edge research, new security tools, and sophisticated defensive techniques over the course of two days. There were some recurring themes across the sessions, and many of these topics are going to be important issues to ...

How Machine Learning, AI & Deep Learning Improve Cybersecurity

View More Dark Reading Reports >>

PRODUCTS & RELEASES

Menlo Security Illustrates Importance of Browser Security as 4 in 5 Ransomware Attacks Include Threats Beyond Data Encryption VulnCheck Named CVE Numbering Authority for Common Vulnerabilities and Exposures (ISC)² Certified in Cybersecurity Earns ANAB Accreditation to ISO 17024 and Surpasses 15,000 Certification Holders Opera Adds Free VPN to Opera for iOS Report Reveals ChatGPT Already Involved in Data Leaks, Phishing Scams & Malware Infections MORE PRODUCTS & RELEASES

CURRENT ISSUE

The 10 Most Impactful Types of Vulnerabilities for Enterprises Today
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES

Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA

To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.

Thoughts about this newsletter? Give us feedback.

Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:

If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.

We take your privacy very seriously. Please review our Privacy Statement.

Teilen auf

Laden...

Weitere Newsletter von Informationweek.com

Achieving Optimal Security Outcomes Through Platformization Informationweek.com
Gestern um 16:31
FEATURES EDITION | Microsoft Highlights Security Exposure Management at Ignite Informationweek.com
Gestern um 14:31
Chinese APT Gelsemium Deploys 'Wolfsbane' Linux Variant Informationweek.com
Letzten Freitag um 14:04

Weitere Newsletter von Informationweek.com

Laden...

Andere Kategorien anzeigen

Dienstleistungen | Professionals Geschäftswaren Finanziell Kantoor Marketing Einzelhandel Einzelhandel Industrie Machines

Microsoft: NSO Group-Like 'QuaDream' Actor Selling Mobile Spyware to Governments

The 10 Most Impactful Types of Vulnerabilities for Enterprises Today

Teilen auf

Weitere Newsletter von Informationweek.com

Verwandte Newsletter

Andere Kategorien anzeigen