April 13, 2023

LATEST SECURITY NEWS & COMMENTARY

Lazarus Group's 'DeathNote' Cluster Pivots to Defense Sector
Usually focused on going after cryptocurrency organizations, the threat actor has begun targeting defense companies around the world.

Microsoft: NSO Group-Like 'QuaDream' Actor Selling Mobile Spyware to Governments
Researchers at Microsoft have discovered links between a threat group tracked as DEV-0196 and an Israeli private-sector company, QuaDream, that sells a platform for exfiltrating data from mobile devices.

Microsoft Patches 97 CVEs, Including Zero-Day & Wormable Bugs
The April 2023 Patch Tuesday security update also included a reissue of a fix for a 10-year-old bug that a threat actor recently exploited in the supply chain attack on 3CX.

1M+ WordPress Sites Hacked via Zero-Day Plug-in Bugs
A wide-ranging campaign to inject malicious code into WordPress-run websites has been ongoing for at least five years.

Pair of Apple Zero-Days Under Active Exploit; Patch & Update Accordingly
Unpatched Macs, iPhones, and iPads open to browser takeover and system kernel-level malicious code execution, Apple warns.

Cybercriminals 'CAN' Steal Your Car, Using Novel IoT Hack
Your family's SUV could be gone in the night thanks to a headlight crack and hack attack.

Samsung Engineers Feed Sensitive Data to ChatGPT, Sparking Workplace AI Warnings
In three separate incidents, engineers at the Korean electronics giant reportedly shared sensitive corporate data with the AI-powered chatbot.

Russia's Joker DPR Claims Access to Ukraine Troop Movement Data
A hacktivist group working with Russia claims it breached DELTA, the Ukrainian battlefield management system (BMS).

'BEC 3.0' Is Here With Tax-Season QuickBooks Cyberattacks
In next-gen, credential-harvesting attacks, phishing emails use cloud services and are free from the typical bad grammar or typos they've traditionally used (and which users have learned to spot).

Rethinking Cybersecurity's Structure & the Role of the Modern CISO
A CISO with a focused role will be better prepared to thrive in an organization and accelerate adoption and understanding of cybersecurity.

How Password Managers Can Get Hacked
Password managers aren't foolproof, but they do help mitigate risks from weak credentials and password reuse. Following best practices can contribute to a company's defenses.

LastPass Breach Reveals Important Lessons
Devastating cyberattacks often can be prevented with basic cybersecurity measures.

Bad Actors Will Use Large Language Models - but Defenders Can, Too
Security teams need to find the best, most effective uses of large language models for defensive purposes.

HOT TOPICS

What to Discuss at RSA Conference - and It's Not ChatGPT
In-person conversations are a productive way to understand the state of the industry and learn new techniques. Take advantage of peers' experience, compare notes, and boost your skill set.

Where Are the Women? Making Cybersecurity More Inclusive
Stepped-up recruiting efforts along with better work-life balance policies and mentoring and recruitment programs will help balance the scales.

Australia Is Scouring the Earth for Cybercriminals - the US Should Too
It's time to get ahead of attacks before they even happen.

EDITORS' CHOICE

7 Things Your Ransomware Response Playbook Is Likely Missing
Incident response experts share their secrets for success when it comes to creating a professional-grade ransomware response playbook. Are you ready for the worst?

LATEST FROM THE EDGE

How and Why to Put Multicloud to Work
Complex multicloud environments present organizations with security challenges, but also opportunities for efficiency.

LATEST FROM DR TECHNOLOGY

Fight AI With AI
By developing new tools to defend against adversarial AI, companies can help ensure that artificial intelligence is developed and used in a responsible and safe manner.

WEBINARS

- Artificial Intelligence, ChatGPT and Cybersecurity: A Match Made in Heaven or a Hack Waiting to Happen?
  Artificial intelligence (AI) is no longer science fiction. Software vendors have been integrating AI into products for years, which has led to innovations such as improved threat detection and training opportunities. But the emergence of newer technologies like DALL-E and ...
- Expert Advice for Getting the Most from Security Orchestration, Automation & Response Enterprise Tools
  Over the past few years, many enterprises have been improving cybersecurity by implementing the Security Orchestration, Automation, and Response (SOAR) framework, which provides a path to collect threat data from multiple sources and respond to some security events automatically. How ...

WHITE PAPERS

- The Essential Guide to Secure Web Gateway
- The Relationship Between Security Maturity and Business Enablement
- Making Cybersecurity Mesh a Reality
- Cloud Incident Response Datasheet
- Transform Your Security Strategy
- 2022 Unit 42 Incident Response Report
- The CISOs Report: Perspectives, Challenges, and Plans for 2022 and Beyond

FEATURED REPORTS

- The 10 Most Impactful Types of Vulnerabilities for Enterprises Today
  The enterprise attack surface is constantly expanding. Enterprises have to think beyond zero day vulnerabilities. It's imperative security teams start looking at vulnerabilities in 5G, firmware, edge, and ICS/OT, among others. Managing system vulnerabilities is one of the old ...
- Shoring Up the Software Supply Chain Across Enterprise Applications
  Supply chain security attacks are growing at an alarming pace, and things are going to keep getting worse until DevSecOps teams get on the same page. A little help from the feds could also be welcome. Modern-day software development depends ...
- The Promise and Reality of Cloud Security
  Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ...

PRODUCTS & RELEASES

Menlo Security Illustrates Importance of Browser Security as 4 in 5 Ransomware Attacks Include Threats Beyond Data Encryption
VulnCheck Named CVE Numbering Authority for Common Vulnerabilities and Exposures
Report Reveals ChatGPT Already Involved in Data Leaks, Phishing Scams & Malware Infections
Opera Adds Free VPN to Opera for iOS
(ISC)² Certified in Cybersecurity Earns ANAB Accreditation to ISO 17024 and Surpasses 15,000 Certification Holders

CURRENT ISSUE

Shoring Up the Software Supply Chain Across Enterprise Applications

Dark Reading Weekly
Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA