Security Affairs

OCTOBER 3, 2022

The Finnish Security Intelligence Service ( SUPO ) warns Russia will highly likely intensify its cyber activity over the winter. The Finnish Security Intelligence Service ( Suojelupoliisi or SUPO ) warn of a highly likely intensification of cyberespionage activities conducted by Russia-linked threat actors over the winter.

Security Intelligence 130

Security Intelligence Manufacturing Cyber threats Accountability 130

Security Affairs

OCTOBER 10, 2020

The malicious updates employed in the Zerologon attacks are able to bypass the user account control (UAC) security feature in Windows and abuse the Windows Script Host tool (wscript.exe) to execute malicious scripts. We’re seeing more activity leveraging the CVE-2020-1472 exploit (ZeroLogon). states Microsoft.

Cybercrime 118

Cybercrime Security Intelligence Authentication Banking 118

Security Affairs

MAY 4, 2020

pic.twitter.com/EbI8kxICQG — Microsoft Security Intelligence (@MsftSecIntel) May 4, 2020. A more recent Remcos campaign targeted accountants in the US with emails purporting to contain “COVID-19 related updates” for members of American Institute of CPAs.

Small Business 98

Small Business Malware Manufacturing Security Intelligence 98

Security Affairs

MAY 20, 2021

Microsoft Security Intelligence researchers uncovered a malware campaign that is spreading a remote access trojan (RAT) tracked as STRRAT. pic.twitter.com/mGow2sJupN — Microsoft Security Intelligence (@MsftSecIntel) May 19, 2021. STRRAT RAT was first spotted in June 2020 by G DATA who documented its features.

Ransomware 124

Ransomware Malware Encryption Security Intelligence 124

Security Affairs

OCTOBER 30, 2020

Organizations and security incidents in Kubernetes environments, these are 5 key components of the control plane that demand special attention. Organizations are no strangers to security incidents in their Kubernetes environments. For information on how to secure that part of a Kubernetes cluster, click here. What is it?

Advertising 94

Advertising Internet Internet VPN 94

Security Affairs

JULY 28, 2022

com Running PowerShell scripts directly from a GitHub gist created by an account associated with DSIRF. Researchers from threat intelligence firm RiskIQ, using passive DNS data related to Knotweed attacks, linked the C2 infrastructure used by the malware since February 2020 to DSIRF. or later to detect the related indicators.

Surveillance 90

Surveillance Malware Authentication DNS 90

Security Affairs

NOVEMBER 17, 2021

Over the past year, Microsoft Threat Intelligence Center (MSTIC) has observed an evolution of the tools, techniques, and procedures employed by Iranian nation-state actors. Learn more from this blog summarizing these trends, as presented at #CyberWarCon : [link] — Microsoft Security Intelligence (@MsftSecIntel) November 16, 2021.

VPN 104

VPN Social Engineering Accountability Media 104