2014, Information Security and Security Intelligence

Hackers are using Zerologon exploits in attacks in the wild

Security Affairs

SEPTEMBER 24, 2020

— Microsoft Security Intelligence (@MsftSecIntel) September 24, 2020. We strongly recommend customers to immediately apply security updates for CVE-2020-1472. We strongly recommend customers to immediately apply security updates for CVE-2020-1472. Don’t waste time, patch your system now! Pierluigi Paganini.

Security Intelligence

Security Intelligence Authentication Advertising Passwords

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 10, 2020

TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. — Microsoft Security Intelligence (@MsftSecIntel) October 6, 2020. — Microsoft Security Intelligence (@MsftSecIntel) October 6, 2020. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cybercrime

Cybercrime Security Intelligence Authentication Banking

InfectedSlurs botnet targets QNAP VioStor NVR vulnerability

Security Affairs

DECEMBER 17, 2023

On December 6, The Akamai Security Intelligence Response Team (SIRT) published the first update to the InfectedSlurs advisory series. The security firm revealed that threat actors were exploiting a vulnerability, tracked as CVE-2023-49897 (CVSS score 8.0) released June 21, 2014). and earlier. and earlier (5.0.0

Firmware

Firmware Wireless DDOS IoT

Microsoft warns TA505 changed tactic in an ongoing malware campaign

Security Affairs

FEBRUARY 2, 2020

pic.twitter.com/mcRyEBUmQH — Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020. TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. pic.twitter.com/1qnx3NmwiB — Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020. Pierluigi Paganini.

Malware

Malware Security Intelligence Banking Phishing

Microsoft warns about ongoing PonyFinal ransomware attacks

Security Affairs

MAY 27, 2020

pic.twitter.com/Q3BMs7fSvx — Microsoft Security Intelligence (@MsftSecIntel) May 27, 2020. Learn how to build organizational security hygiene to prevent human-operated attacks: [link] — Microsoft Security Intelligence (@MsftSecIntel) May 27, 2020. Pierluigi Paganini.

Ransomware

Ransomware Security Intelligence Encryption Advertising

CISA alert warns of Emotet attacks on US govt entities

Security Affairs

OCTOBER 6, 2020

The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. Recent spam campaigns used messages with malicious Word documents, or links to them, pretending to be an invoice, shipping information, COVID-19 information , resumes, financial documents, or scanned documents.

Government

Government Banking Advertising Malware

Emotet operators are running Halloween-themed campaigns

Security Affairs

OCTOBER 31, 2020

The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. Recent spam campaigns used messages with malicious Word documents, or links to them, pretending to be an invoice, shipping information, COVID-19 information , resumes, financial documents, or scanned documents.

Banking

Banking Malware Security Intelligence Advertising

Coronavirus-themed attacks May 17 ? May 23, 2020

Security Affairs

MAY 24, 2020

Experts from the Microsoft Security Intelligence team provided some details on a new “massive campaign” using COVID-19 themed emails. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Advertising

Advertising Security Intelligence Hacking Information Security

Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns

Security Affairs

SEPTEMBER 24, 2020

pic.twitter.com/POppQ51uMX — Microsoft Security Intelligence (@MsftSecIntel) September 22, 2020. The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Malware

Malware Passwords Advertising Cybercrime

Microsoft spotted multiple malspam campaigns using malware-laced ISO and IMG files

Security Affairs

MAY 4, 2020

pic.twitter.com/EbI8kxICQG — Microsoft Security Intelligence (@MsftSecIntel) May 4, 2020. The attachment is a ZIP archive containing the familiar ISO file carrying a malicious SCR file with misleading icon pic.twitter.com/o1FbMUbTBs — Microsoft Security Intelligence (@MsftSecIntel) May 4, 2020.

Small Business

Small Business Malware Manufacturing Security Intelligence

Microsoft warns of attacks delivering FlawedAmmyy RAT directly in memory

Security Affairs

JUNE 24, 2019

pic.twitter.com/PQ2g7rvDQm — Microsoft Security Intelligence (@MsftSecIntel) June 21, 2019. — Microsoft Security Intelligence (@MsftSecIntel) June 21, 2019. The final payload is the remote access Trojan FlawedAmmyy,” reads a Tweet published by Microsoft Security Intelligence. Pierluigi Paganini.

Security Intelligence

Security Intelligence Advertising Malware Banking

Canadian intelligence agencies CSE and CSIS are divided on Huawei 5G ban

Security Affairs

NOVEMBER 14, 2019

The Canadian Security Intelligence Service (CSIS) and the Communications Security Establishment (CSE) are divided over the ban of Huawei 5G technology. The Canadian Security Intelligence Service (CSIS) and the Communications Security Establishment (CSE) agencies are divided over the ban of Huawei 5G technology.

Government

Government Telecommunications Wireless Security Intelligence

Microsoft warns of spam campaign exploiting CVE-2017-11882 flaw

Security Affairs

JUNE 10, 2019

pic.twitter.com/Ac6dYG9vvw — Microsoft Security Intelligence (@MsftSecIntel) June 7, 2019. — Microsoft Security Intelligence (@MsftSecIntel) June 7, 2019. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. AD and the payload as Trojan:MSIL/Cretasker. Pierluigi Paganini.

Security Intelligence

Security Intelligence Advertising Malware Information Security

Microsoft partnered with other security firms to takedown TrickBot botnet

Security Affairs

OCTOBER 12, 2020

link] — Microsoft Security Intelligence (@MsftSecIntel) October 12, 2020. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads the post published by Microsoft. ” concludes Microsoft.

Banking

Banking Malware Advertising Financial Services

5 Components of the Kubernetes Control Plane that Demand Special Attention in Your Security Strategy

Security Affairs

OCTOBER 30, 2020

About the Author: David Bisson is an information security writer and security junkie. He’s a contributing editor to IBM’s Security Intelligence, Tripwire’s The State of Security Blog, and a contributing writer to Bora. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising

Advertising Internet Internet VPN

A new Astaroth Trojan Campaign uncovered by Microsoft

Security Affairs

JULY 9, 2019

See how #MicrosoftDefenderATP next-gen protection defeated the #fileless attack: [link] — Microsoft Security Intelligence (@MsftSecIntel) July 8, 2019. The malware is able to log the users’ keystrokes, collect information through hooking, access clipboard content, and monitor the keystate. Pierluigi Paganini.

Antivirus

Antivirus Malware Advertising Security Intelligence

Purple Lambert, a new malware of CIA-linked Lambert APT group

Security Affairs

APRIL 29, 2021

A deeper analysis of some of these samples revealed that they were compiled in 2014 and used in the wild between 2014 and 2015. It is capable of providing an attacker with basic information about the infected system and executing a received payload.”

Malware

Malware Hacking Government Telecommunications

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

Security Affairs

DECEMBER 1, 2020

Learn how the group tried to stay under the radar using threats perceived to be less alarming: [link] — Microsoft Security Intelligence (@MsftSecIntel) November 30, 2020. New blog: The threat actor BISMUTH, which has been running increasingly complex targeted attacks, deployed coin miners in campaigns from July to August 2020.

Cryptocurrency

Cryptocurrency Antivirus Manufacturing Government

New Echobot Botnet targets Oracle, VMware Apps and includes 26 Exploits

Security Affairs

JUNE 16, 2019

The popular expert Larry Cashdollar, from Akamai’s Security Intelligence Response Team (SIRT), spotted a new version of the Echobot botnet that counts 26 different exploits. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – Echobot botnet, IoT).

IoT

IoT Wireless Advertising Malware

Australian Govt agency ACSC warns of Emotet and BlueKeep attacks

Security Affairs

NOVEMBER 11, 2019

Read our latest blog w/ assist from @GossiTheDog & @MalwareTechBlog [link] — Microsoft Security Intelligence (@MsftSecIntel) November 7, 2019. The ACSC also warns about the Emotet threat, a banking trojan that has been active since 2014. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Small Business

Small Business Malware Cryptocurrency Advertising

Microsoft warns of more disruptive BlueKeep attacks and urges patch installation

Security Affairs

NOVEMBER 8, 2019

Read our latest blog w/ assist from @GossiTheDog & @MalwareTechBlog [link] — Microsoft Security Intelligence (@MsftSecIntel) November 7, 2019. It also provides worldwide impact information, mitigation recommendations, and detection information. Locate and patch exposed RDP services now. Pierluigi Paganini.

Penetration Testing

Penetration Testing Malware Advertising Spyware

The number of exploits in the Echobot botnet reached 59

Security Affairs

AUGUST 7, 2019

At the time of its discovery, operators added 8 new exploits, but a few weeks later the popular expert Larry Cashdollar from Akamai’s Security Intelligence Response Team (SIRT) discovered a variant that included a total of 26 exploits. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Wireless

Wireless IoT Advertising Surveillance

Iran-linked Phosphorous APT hacked emails of security conference attendees

Security Affairs

OCTOBER 29, 2020

.” Microsoft Threat Intelligence Information Center (MSTIC) has uncovered activity by the threat actor PHOSPHOROUS, which has been masquerading as conference organizers and sending spoofed invitations by email to high-profile individuals. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking

Hacking Security Intelligence Accountability Advertising

Iran-linked APT is exploiting the Zerologon flaw in attacks

Security Affairs

OCTOBER 6, 2020

Microsoft 365 Defender customers can also refer to these detections: [link] — Microsoft Security Intelligence (@MsftSecIntel) October 5, 2020. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Authentication

Authentication Advertising Architecture Security Intelligence

Recorded Future to Provide Free Access to Elite Intelligence Through New Browser Extension

Security Affairs

MAY 5, 2020

Level up Your Security Program With the Same Security Intelligence Used by the World’s Largest Governments and Many of the Fortune 1000. Recorded Future real-time security intelligence helps users instantly understand which vulnerabilities pose the most risk, so they can patch those first. Pierluigi Paganini.

Security Intelligence

Security Intelligence Risk Advertising Malware

Cyber Security Informer

Hackers are using Zerologon exploits in attacks in the wild

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Trending Sources

InfectedSlurs botnet targets QNAP VioStor NVR vulnerability

Microsoft warns TA505 changed tactic in an ongoing malware campaign

Microsoft warns about ongoing PonyFinal ransomware attacks

CISA alert warns of Emotet attacks on US govt entities

Emotet operators are running Halloween-themed campaigns

Coronavirus-themed attacks May 17 ? May 23, 2020

Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns

Microsoft spotted multiple malspam campaigns using malware-laced ISO and IMG files

Microsoft warns of attacks delivering FlawedAmmyy RAT directly in memory

Canadian intelligence agencies CSE and CSIS are divided on Huawei 5G ban

Microsoft warns of spam campaign exploiting CVE-2017-11882 flaw

Microsoft partnered with other security firms to takedown TrickBot botnet

5 Components of the Kubernetes Control Plane that Demand Special Attention in Your Security Strategy

A new Astaroth Trojan Campaign uncovered by Microsoft

Purple Lambert, a new malware of CIA-linked Lambert APT group

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

New Echobot Botnet targets Oracle, VMware Apps and includes 26 Exploits

Australian Govt agency ACSC warns of Emotet and BlueKeep attacks

Microsoft warns of more disruptive BlueKeep attacks and urges patch installation

The number of exploits in the Echobot botnet reached 59

Iran-linked Phosphorous APT hacked emails of security conference attendees

Iran-linked APT is exploiting the Zerologon flaw in attacks

Recorded Future to Provide Free Access to Elite Intelligence Through New Browser Extension

Stay Connected