Daniel Miessler

NOVEMBER 6, 2020

I think there are four main trends that will play out in the field of information security in the next 20 years. The best example of the need for this is national level security intelligence, reconnaisance, and vulnerability assessment. Here’s my talk on this topic at DEFCON in 2020.

InfoSec 255

InfoSec Insurance Artificial Intelligence Cybersecurity 255

Security Affairs

OCTOBER 3, 2022

The Finnish Security Intelligence Service ( SUPO ) warns Russia will highly likely intensify its cyber activity over the winter. The Finnish Security Intelligence Service ( Suojelupoliisi or SUPO ) warn of a highly likely intensification of cyberespionage activities conducted by Russia-linked threat actors over the winter.

Security Intelligence 143

Security Intelligence Manufacturing Cyber threats Accountability 143

Security Affairs

OCTOBER 6, 2020

The Zerologon vulnerability, tracked as CVE-2020-1472 , is an elevation of privilege that resides in the Netlogon. Administrators of enterprise Windows Servers have to install the August 2020 Patch Tuesday to mitigate “unacceptable risk” posed by the flaw to federal networks. We strongly recommend patching.

Authentication 140

Authentication Advertising Architecture Cyber Attacks 140

Security Affairs

MAY 4, 2020

pic.twitter.com/EbI8kxICQG — Microsoft Security Intelligence (@MsftSecIntel) May 4, 2020. The attachment is a ZIP archive containing the familiar ISO file carrying a malicious SCR file with misleading icon pic.twitter.com/o1FbMUbTBs — Microsoft Security Intelligence (@MsftSecIntel) May 4, 2020.

Small Business 139

Small Business Malware Manufacturing Security Intelligence 139

Security Affairs

FEBRUARY 2, 2020

pic.twitter.com/mcRyEBUmQH — Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020. pic.twitter.com/1qnx3NmwiB — Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020. In contrast, past Dudear email campaigns carried the malware as attachment or used malicious URLs.

Malware 105

Malware Security Intelligence Banking Phishing 105

Security Affairs

FEBRUARY 8, 2025

Researchers from AhnLab Security Intelligence Center (ASEC) observed North Korea’s Kimsuky APT group conducting spear-phishing attacks to deliver forceCopy info-stealer malware. The group works under the control of the Reconnaissance General Bureau (RGB) foreign intelligence service.

Malware 76

Malware Phishing Security Intelligence Hacking 76

Security Affairs

MAY 20, 2021

Microsoft Security Intelligence researchers uncovered a malware campaign that is spreading a remote access trojan (RAT) tracked as STRRAT. pic.twitter.com/mGow2sJupN — Microsoft Security Intelligence (@MsftSecIntel) May 19, 2021. STRRAT RAT was first spotted in June 2020 by G DATA who documented its features.

Ransomware 145

Ransomware Malware Encryption Security Intelligence 145

Security Affairs

OCTOBER 6, 2020

The alert published by CISA was based on data provided by the Multi-State Information Sharing & Analysis Center (MS-ISAC) and the CISA itself since July 2020. pic.twitter.com/POppQ51uMX — Microsoft Security Intelligence (@MsftSecIntel) September 22, 2020. ” reads that alert published by CISA.

Government 144

Government Banking Advertising Malware 144

Security Affairs

SEPTEMBER 24, 2020

pic.twitter.com/POppQ51uMX — Microsoft Security Intelligence (@MsftSecIntel) September 22, 2020. ” #Emotet AAR for 2020/09/22: Well yesterday was kinda nuts with nearly 400 malspams received with the majority being attachment on 60/40 basis. Heaviest I can remember in some time. Shared templates in paste.

Malware 144

Malware Passwords Advertising Ransomware 144

Security Affairs

DECEMBER 1, 2020

New blog: The threat actor BISMUTH, which has been running increasingly complex targeted attacks, deployed coin miners in campaigns from July to August 2020. Learn how the group tried to stay under the radar using threats perceived to be less alarming: [link] — Microsoft Security Intelligence (@MsftSecIntel) November 30, 2020.

Cryptocurrency 138

Cryptocurrency Antivirus Manufacturing Government 138

Security Affairs

MAY 15, 2022

Microsoft Security Intelligence team Microsoft reported that a new variant of the Sysrv botnet, tracked as Sysrv-K, now includes exploits for vulnerabilities in the Spring Framework and WordPress. — Microsoft Security Intelligence (@MsftSecIntel) May 13, 2022.

Security Intelligence 98

Security Intelligence Malware Backups Architecture 98

SC Magazine

MAY 14, 2021

American Airlines flight 718, a Boeing 737 Max, is seen parked at its gate at Miami International Airport as passengers board for a flight to New York on December 29, 2020 in Miami, Florida. A campaign of remote access trojans is targeting the aerospace and travel industries. Photo by Joe Raedle/Getty Images). They change and are tailored.

Phishing 126

Phishing Scams Security Awareness Security Intelligence 126

Security Affairs

AUGUST 29, 2024

Akamai’s Security Intelligence and Response Team (SIRT) has detected a botnet campaign exploiting multiple previously known vulnerabilities and a newly discovered zero-day, tracked as CVE-2024-7029 (CVSS score: 8.7), in AVTECH CCTV cameras. . ” continues the report.

Firmware 129

Firmware Malware Security Intelligence Authentication 129

eSecurity Planet

DECEMBER 30, 2020

To ease these burdens, SECaaS and SOCaaS vendors have emerged as cloud-based security as a service that can collect, analyze, and correlate your information from diverse systems and applications — turning former headaches into actionable information security intelligence. Security as a Service (SECaaS) .

Penetration Testing 117

Penetration Testing Cybersecurity Antivirus Network Security 117

Security Affairs

APRIL 1, 2021

“The most recent extortion attack — peaking at more than 800 Gbps and targeting a European gambling company — was the biggest and most complex we’ve seen since the widespread return of extortion attacks that kicked off in mid-August 2020. reads the analysis published by Akamai. ” Likely DDoS extortion attacks. .

DDOS 132

DDOS Security Intelligence Hacking Cybersecurity 132

Security Affairs

NOVEMBER 17, 2021

Over the past year, Microsoft Threat Intelligence Center (MSTIC) has observed an evolution of the tools, techniques, and procedures employed by Iranian nation-state actors. Learn more from this blog summarizing these trends, as presented at #CyberWarCon : [link] — Microsoft Security Intelligence (@MsftSecIntel) November 16, 2021.

VPN 138

VPN Accountability Social Engineering Media 138

Security Affairs

OCTOBER 30, 2020

Organizations and security incidents in Kubernetes environments, these are 5 key components of the control plane that demand special attention. Organizations are no strangers to security incidents in their Kubernetes environments. For information on how to secure that part of a Kubernetes cluster, click here.

Advertising 101

Advertising Internet Internet VPN 101

Security Affairs

OCTOBER 29, 2020

.” Microsoft Threat Intelligence Information Center (MSTIC) has uncovered activity by the threat actor PHOSPHOROUS, which has been masquerading as conference organizers and sending spoofed invitations by email to high-profile individuals.

Hacking 87

Hacking Security Intelligence Advertising Accountability 87

Security Affairs

MARCH 19, 2021

In the 2020 Cloud Native Survey , 91% of respondents told the Cloud Native Computing Foundation (CNCF) that they were using Kubernetes—an increase from 78% in 2019 and 58% a year earlier. The guidance provided above can help admins ensure container runtime security in Amazon EKS.

Information Security 115

Information Security Security Intelligence Hacking Accountability 115

Security Affairs

OCTOBER 12, 2020

link] — Microsoft Security Intelligence (@MsftSecIntel) October 12, 2020. In this blog, we detail the evolution of Trickbot, associated tactics, recent campaigns, and dive into the anatomy of a specific attack. ” reads the post published by Microsoft.

Malware 98

Malware Banking Advertising Financial Services 98

Security Affairs

JULY 28, 2022

Researchers from threat intelligence firm RiskIQ, using passive DNS data related to Knotweed attacks, linked the C2 infrastructure used by the malware since February 2020 to DSIRF. Confirm that Microsoft Defender Antivirus is updated to security intelligence update 1.371.503.0 or later to detect the related indicators.

Surveillance 101

Surveillance Malware Authentication Accountability 101

Security Affairs

APRIL 29, 2021

In March 2020, Chinese security firm Qihoo 360 accused the US Central Intelligence Agency (CIA) of having hacked Chinese organizations for the last 11 years. In November 2019, ESET researchers discovered a new downloader, dubbed DePriMon, that used new “Port Monitor” methods in attacks in the wild.

Malware 129

Malware Hacking Government Telecommunications 129

Security Affairs

OCTOBER 31, 2020

Researchers from Microsoft Security Intelligence are also warning of the ongoing Halloween-themed Emotet campaign. #Emotet Daily Summary Post for 2019/10/31 – Halloween Party template used on E3, E2 was Banking/IRS/Invoice/etc spam and E1 was after ENG/ESP/FRA/PRT(BR) speakers with Invoice/Billing crap. Source Bleeping Computer.

Banking 116

Banking Malware Security Intelligence Advertising 116