Microsoft warns of spam campaign exploiting CVE-2017-11882 flaw

Security Affairs

The spam messages are sent in various European languages; threat actors are exploiting the Microsoft Office and WordPad CVE-2017-11882 vulnerability. pic.twitter.com/Ac6dYG9vvw — Microsoft Security Intelligence (@MsftSecIntel) June 7, 2019. Windows Defender ATP detects the documents as Exploit:O97M/CVE-2017-11882.AD.

French Firms Rocked by Kasbah Hacker?

Krebs on Security

A large number of French critical infrastructure firms were hacked as part of an extended malware campaign that appears to have been orchestrated by at least one attacker based in Morocco, KrebsOnSecurity has learned. com , an Arabic-language computer hacking forum. 001 for his security research and bug hunting.

Kimsuky APT exploited BlueKeep RDP flaw in attacks against South Korea and Japan

Security Affairs

While investigating a security breach, researchers at the AhnLab SEcurity intelligence Center (ASEC) discovered a campaign by the North Korea-linked group Kimsuky, tracked as Larva-24005. Pierluigi Paganini (SecurityAffairs hacking, Kimsuky)

Iran-linked APT is exploiting the Zerologon flaw in attacks

Security Affairs

Microsoft 365 Defender customers can also refer to these detections: [link] — Microsoft Security Intelligence (@MsftSecIntel) October 5, 2020. The first MuddyWater campaign was observed in late 2017, when it targeted entities in the Middle East. (SecurityAffairs – hacking, Zerologon). We strongly recommend patching.

Corona Mirai botnet spreads via AVTECH CCTV zero-day 

Security Affairs

Akamai’s Security Intelligence and Response Team (SIRT) has detected a botnet campaign exploiting multiple previously known vulnerabilities and a newly discovered zero-day, tracked as CVE-2024-7029 (CVSS score: 8.7), in AVTECH CCTV cameras. The bot also targets AVTECH issues, a Hadoop YARN RCE, and CVE-2014-8361.

A long-running cryptomining campaign conducted by 8220 hackers now targets Linux servers

Security Affairs

Microsoft Security Intelligence experts are warning of a long-running campaign conducted by a cloud threat actor group, tracked as 8220, that is now targeting Linux servers to install crypto miners. The 8220 group has been active since at least 2017 and focuses on cryptomining campaigns. Pierluigi Paganini.

Purple Lambert, a new malware of CIA-linked Lambert APT group

Security Affairs

Over the years, the researchers found and analyzed multiple backdoors and hacking tools that make up the arsenal of the cyberespionage group. Researchers at Symantec reportedly linked the CIA hacking tools to a number of cyber attacks launched in recent years by a threat actor the company identified as the Longhorn group. “The
