-APT41 Taps Google Red Teaming Tool in Targeted Info-Stealing Attacks

China-linked APT41 group targeted a Taiwanese media organization and an Italian job agency with standard, open source penetration test tools, in a change in strategy. [TechWeb]( Follow Dark Reading: [RSS]( April 19, 2023 LATEST SECURITY NEWS & COMMENTARY [APT41 Taps Google Red-Teaming Tool in Targeted Info-Stealing Attacks]( China-linked APT41 group targeted a Taiwanese media organization and an Italian job agency with standard, open source penetration test tools, in a change in strategy. [Researchers Discover First-Ever Major Ransomware Targeting macOS]( In targeting Apple users, LockBit is going where no major ransomware gang has gone before. But it's a warning shot, and Mac users need not worry yet. [QBot Expands Initial Access Malware Strategy With PDF-WSF Combo]( The infamous Trojan's operators are switching up tactics with the use of simulated business correspondence, which helps instill trust with intended victims, and a stealthier payload. ['Goldoson' Malware Sneaks into Google Play Apps, Racks Up 100M Downloads]( Malware that can steal data, track location, and perform click fraud was inadvertently built into apps via an infected third-party library, highlighting supply chain risk. [Recycled Core Routers Expose Sensitive Corporate Network Info]( Researchers are warning about a dangerous wave of unwiped, secondhand core-routers found containing corporate network configurations, credentials, and application and customer data. [NSO Group Is Back in Business With 3 New iOS Zero-Click Exploits]( An investigation concludes that NSO Group was hired in 2022 to deploy Pegasus spyware against human rights workers in Mexico and other targets. ['Zaraza' Bot Targets Google Chrome to Extract Login Credentials]( The data-stealing malware threatens the cyber safety of individual and organizational privacy by infecting a range of Web browsers. [Why Your Anti-Fraud, Identity & Cybersecurity Efforts Should Be Merged]( To address the rising risk of online fraud, stolen identities, and cyberattacks, innovative organizations have begun converging their security functions — here's how yours can prepare. [Beyond CVEs: The Key to Mitigating High-Risk Security Exposures]( Use ongoing exposure management to parse the riskiest exposures and probable attack paths, then identify and plug the choke points. [(Sponsored Article) Human Detection and Response: A New Approach to Building a Strong Security Culture]( Jelle Wieringa analyzes the differences between HDR and security awareness training and how HDR addresses the security layer of human risk management. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Google Issues Emergency Chrome Update for Zero-Day Bug]( Because the security vulnerability is under active exploit, Google isn't releasing full details of the flaw while users could remain vulnerable. [Top 5 Data Security RSAC 2023 Sessions to Attend]( A little preconference reconnoitering of upcoming seminars, keynotes, and track sessions makes plotting your days easier. Here's one attendee's list. [MORE]( EDITORS' CHOICE [FIN7, Former Conti Gang Members Collaborate on 'Domino' Malware]( Members of the former ransomware group are using a FIN7 backdoor to deliver malware —including Cobalt Strike — to victim systems. LATEST FROM THE EDGE [Where There's No Code, There's No SDLC]( How can we build security back into software development in a low-code/no-code environment? LATEST FROM DR TECHNOLOGY [How Zero Trust Can Protect Systems Against Generative AI Agents]( Researchers explore a love-hate relationship with AI tools like ChatGPT, which can be used to both attack and defend more efficiently. WEBINARS - [How to Accelerate XDR Outcomes: Bridging the Gap Between Network and Endpoint]( Adversaries are moving faster than ever, with modern attacks coming from all fronts across network, endpoint, and other domains. In 2022, the average breakout time declined from 98 minutes to 84 minutes, highlighting the imperative for IT and security teams to act quickly ... - [How Supply Chain Attacks Work -- And What You Can Do to Stop Them]( Supply chain attacks made headlines in 2022, sending shockwaves through the industry as security and business leaders scrambled to reexamine the security of their own supply chains. In this webinar, experts talk through the stages of a supply chain attack and ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [Enable and Protect Your Remote Workforce]( - [Evaluator's Guide for Managed Detection and Response (MDR) Services]( - [The Relationship Between Security Maturity and Business Enablement]( - [State of Enterprise Cybersecurity: Invest Now, or Pay Big Later]( - [Cloud Incident Response Datasheet]( - [Transform Your Security Strategy]( - [2022 Unit 42 Incident Response Report]( [View More White Papers >>]( FEATURED REPORTS - [The 10 Most Impactful Types of Vulnerabilities for Enterprises Today]( The enterprise attack surface is constantly expanding. Enterprises have to think beyond zero day vulnerabilities. It's imperative security teams start looking at vulnerabilities in 5G, firmware, edge, and ICS/OT, among others. Managing system vulnerabilities is one of the old ... - [The Promise and Reality of Cloud Security]( Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ... - [10 Hot Talks From Black Hat USA 2022]( Black Hat USA brings together cutting-edge research, new security tools, and sophisticated defensive techniques over the course of two days. There were some recurring themes across the sessions, and many of these topics are going to be important issues to ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [KnowBe4 Phishing Test Results Reveal IT and Online Services Emails Drive Dangerous Attack Trend]( [Netwrix Annual Security Survey: 68% of Organizations Experienced a Cyberattack Within the Last 12 Months]( [Cyberattacks Can Cost Enterprises Up to 30% of Operating Income According to ThreatConnect]( [Marlinspike Adds Charles Carmakal to its Advisory Board]( [Report: Over Half of North American Consumers Are Open to Passwordless]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [Successfully Managing Identity in Modern Cloud and Hybrid Environments]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)