2014, Hacking, Information Security and Security Intelligence

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 10, 2020

TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. — Microsoft Security Intelligence (@MsftSecIntel) October 6, 2020. — Microsoft Security Intelligence (@MsftSecIntel) October 6, 2020. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cybercrime

Cybercrime Security Intelligence Authentication Banking

InfectedSlurs botnet targets QNAP VioStor NVR vulnerability

Security Affairs

DECEMBER 17, 2023

On December 6, The Akamai Security Intelligence Response Team (SIRT) published the first update to the InfectedSlurs advisory series. The security firm revealed that threat actors were exploiting a vulnerability, tracked as CVE-2023-49897 (CVSS score 8.0) released June 21, 2014). and earlier. and earlier (5.0.0

Firmware

Firmware Wireless DDOS IoT

Hackers are using Zerologon exploits in attacks in the wild

Security Affairs

SEPTEMBER 24, 2020

— Microsoft Security Intelligence (@MsftSecIntel) September 24, 2020. We strongly recommend customers to immediately apply security updates for CVE-2020-1472. We strongly recommend customers to immediately apply security updates for CVE-2020-1472. SecurityAffairs – hacking, ZeroLogon). Pierluigi Paganini.

Security Intelligence

Security Intelligence Authentication Advertising Passwords

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Microsoft warns TA505 changed tactic in an ongoing malware campaign

Security Affairs

FEBRUARY 2, 2020

pic.twitter.com/mcRyEBUmQH — Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020. TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. pic.twitter.com/1qnx3NmwiB — Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020. Pierluigi Paganini.

Malware

Malware Security Intelligence Banking Phishing

CISA alert warns of Emotet attacks on US govt entities

Security Affairs

OCTOBER 6, 2020

The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. Recent spam campaigns used messages with malicious Word documents, or links to them, pretending to be an invoice, shipping information, COVID-19 information , resumes, financial documents, or scanned documents.

Government

Government Banking Advertising Malware

Microsoft warns about ongoing PonyFinal ransomware attacks

Security Affairs

MAY 27, 2020

pic.twitter.com/Q3BMs7fSvx — Microsoft Security Intelligence (@MsftSecIntel) May 27, 2020. Learn how to build organizational security hygiene to prevent human-operated attacks: [link] — Microsoft Security Intelligence (@MsftSecIntel) May 27, 2020. SecurityAffairs – Ponyfinal ransomware, hacking).

Ransomware

Ransomware Security Intelligence Encryption Advertising

Coronavirus-themed attacks May 17 ? May 23, 2020

Security Affairs

MAY 24, 2020

Experts from the Microsoft Security Intelligence team provided some details on a new “massive campaign” using COVID-19 themed emails. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – COVID-19, hacking).

Advertising

Advertising Security Intelligence Hacking Information Security

Emotet operators are running Halloween-themed campaigns

Security Affairs

OCTOBER 31, 2020

The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. Recent spam campaigns used messages with malicious Word documents, or links to them, pretending to be an invoice, shipping information, COVID-19 information , resumes, financial documents, or scanned documents.

Banking

Banking Malware Security Intelligence Advertising

Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns

Security Affairs

SEPTEMBER 24, 2020

pic.twitter.com/POppQ51uMX — Microsoft Security Intelligence (@MsftSecIntel) September 22, 2020. The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Malware

Malware Passwords Advertising Cybercrime

Purple Lambert, a new malware of CIA-linked Lambert APT group

Security Affairs

APRIL 29, 2021

A deeper analysis of some of these samples revealed that they were compiled in 2014 and used in the wild between 2014 and 2015. ” The Lambert APT (aka Longhorn APT ) has been active since at least 2008, but its first samples were spotted in 2014.

Malware

Malware Hacking Government Telecommunications

Microsoft spotted multiple malspam campaigns using malware-laced ISO and IMG files

Security Affairs

MAY 4, 2020

pic.twitter.com/EbI8kxICQG — Microsoft Security Intelligence (@MsftSecIntel) May 4, 2020. The attachment is a ZIP archive containing the familiar ISO file carrying a malicious SCR file with misleading icon pic.twitter.com/o1FbMUbTBs — Microsoft Security Intelligence (@MsftSecIntel) May 4, 2020.

Small Business

Small Business Malware Manufacturing Security Intelligence

Microsoft warns of attacks delivering FlawedAmmyy RAT directly in memory

Security Affairs

JUNE 24, 2019

pic.twitter.com/PQ2g7rvDQm — Microsoft Security Intelligence (@MsftSecIntel) June 21, 2019. — Microsoft Security Intelligence (@MsftSecIntel) June 21, 2019. The final payload is the remote access Trojan FlawedAmmyy,” reads a Tweet published by Microsoft Security Intelligence. Pierluigi Paganini.

Security Intelligence

Security Intelligence Advertising Malware Banking

Microsoft partnered with other security firms to takedown TrickBot botnet

Security Affairs

OCTOBER 12, 2020

link] — Microsoft Security Intelligence (@MsftSecIntel) October 12, 2020. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, Trickbot). ” reads the post published by Microsoft.

Banking

Banking Malware Advertising Financial Services

5 Components of the Kubernetes Control Plane that Demand Special Attention in Your Security Strategy

Security Affairs

OCTOBER 30, 2020

About the Author: David Bisson is an information security writer and security junkie. He’s a contributing editor to IBM’s Security Intelligence, Tripwire’s The State of Security Blog, and a contributing writer to Bora. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising

Advertising Internet Internet VPN

A new Astaroth Trojan Campaign uncovered by Microsoft

Security Affairs

JULY 9, 2019

See how #MicrosoftDefenderATP next-gen protection defeated the #fileless attack: [link] — Microsoft Security Intelligence (@MsftSecIntel) July 8, 2019. The malware is able to log the users’ keystrokes, collect information through hooking, access clipboard content, and monitor the keystate. Pierluigi Paganini.

Antivirus

Antivirus Malware Advertising Security Intelligence

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

Security Affairs

DECEMBER 1, 2020

Learn how the group tried to stay under the radar using threats perceived to be less alarming: [link] — Microsoft Security Intelligence (@MsftSecIntel) November 30, 2020. SecurityAffairs – hacking, BISMUTH). The OceanLotus APT group is a state-sponsored group that has been active since at least 2013. Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Antivirus Manufacturing Government

Microsoft warns of spam campaign exploiting CVE-2017-11882 flaw

Security Affairs

JUNE 10, 2019

pic.twitter.com/Ac6dYG9vvw — Microsoft Security Intelligence (@MsftSecIntel) June 7, 2019. — Microsoft Security Intelligence (@MsftSecIntel) June 7, 2019. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. AD and the payload as Trojan:MSIL/Cretasker. Pierluigi Paganini.

Security Intelligence

Security Intelligence Advertising Malware Information Security

Australian Govt agency ACSC warns of Emotet and BlueKeep attacks

Security Affairs

NOVEMBER 11, 2019

” Recently, researchers warned of the first mass-hacking campaign exploiting the BlueKeep exploit , the attack aimed at installing a cryptocurrency miner on the infected systems. Read our latest blog w/ assist from @GossiTheDog & @MalwareTechBlog [link] — Microsoft Security Intelligence (@MsftSecIntel) November 7, 2019.

Small Business

Small Business Malware Cryptocurrency Advertising

Microsoft warns of more disruptive BlueKeep attacks and urges patch installation

Security Affairs

NOVEMBER 8, 2019

Recently, researchers warned of the first mass-hacking campaign exploiting the BlueKeep exploit , the attack aimed at installing a cryptocurrency miner on the infected systems. Read our latest blog w/ assist from @GossiTheDog & @MalwareTechBlog [link] — Microsoft Security Intelligence (@MsftSecIntel) November 7, 2019.

Penetration Testing

Penetration Testing Malware Advertising Spyware

New Echobot Botnet targets Oracle, VMware Apps and includes 26 Exploits

Security Affairs

JUNE 16, 2019

The popular expert Larry Cashdollar, from Akamai’s Security Intelligence Response Team (SIRT), spotted a new version of the Echobot botnet that counts 26 different exploits. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – Echobot botnet, IoT).

IoT

IoT Wireless Advertising Malware

The number of exploits in the Echobot botnet reached 59

Security Affairs

AUGUST 7, 2019

At the time of its discovery, operators added 8 new exploits, but a few weeks later the popular expert Larry Cashdollar from Akamai’s Security Intelligence Response Team (SIRT) discovered a variant that included a total of 26 exploits. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Wireless

Wireless IoT Advertising Surveillance

Iran-linked Phosphorous APT hacked emails of security conference attendees

Security Affairs

OCTOBER 29, 2020

Iran-linked APT group Phosphorus successfully hacked into the email accounts of multiple high-profile individuals and security conference attendees. “Phosphorus, an Iranian actor, has targeted with this scheme potential attendees of the upcoming Munich Security Conference and the Think 20 (T20) Summit in Saudi Arabia.”

Hacking

Hacking Security Intelligence Accountability Advertising

Iran-linked APT is exploiting the Zerologon flaw in attacks

Security Affairs

OCTOBER 6, 2020

Microsoft 365 Defender customers can also refer to these detections: [link] — Microsoft Security Intelligence (@MsftSecIntel) October 5, 2020. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Authentication

Authentication Advertising Architecture Security Intelligence

Recorded Future to Provide Free Access to Elite Intelligence Through New Browser Extension

Security Affairs

MAY 5, 2020

Level up Your Security Program With the Same Security Intelligence Used by the World’s Largest Governments and Many of the Fortune 1000. Recorded Future real-time security intelligence helps users instantly understand which vulnerabilities pose the most risk, so they can patch those first. Pierluigi Paganini.

Security Intelligence

Security Intelligence Risk Advertising Malware

Cyber Security Informer

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

InfectedSlurs botnet targets QNAP VioStor NVR vulnerability

Webinars

Trending Sources

Hackers are using Zerologon exploits in attacks in the wild

Webinars

Microsoft warns TA505 changed tactic in an ongoing malware campaign

CISA alert warns of Emotet attacks on US govt entities

Microsoft warns about ongoing PonyFinal ransomware attacks

Coronavirus-themed attacks May 17 ? May 23, 2020

Emotet operators are running Halloween-themed campaigns

Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns

Purple Lambert, a new malware of CIA-linked Lambert APT group

Microsoft spotted multiple malspam campaigns using malware-laced ISO and IMG files

Microsoft warns of attacks delivering FlawedAmmyy RAT directly in memory

Microsoft partnered with other security firms to takedown TrickBot botnet

5 Components of the Kubernetes Control Plane that Demand Special Attention in Your Security Strategy

A new Astaroth Trojan Campaign uncovered by Microsoft

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

Microsoft warns of spam campaign exploiting CVE-2017-11882 flaw

Australian Govt agency ACSC warns of Emotet and BlueKeep attacks

Microsoft warns of more disruptive BlueKeep attacks and urges patch installation

New Echobot Botnet targets Oracle, VMware Apps and includes 26 Exploits

The number of exploits in the Echobot botnet reached 59

Iran-linked Phosphorous APT hacked emails of security conference attendees

Iran-linked APT is exploiting the Zerologon flaw in attacks

Recorded Future to Provide Free Access to Elite Intelligence Through New Browser Extension

Stay Connected