Security Affairs

OCTOBER 10, 2020

We’re seeing more activity leveraging the CVE-2020-1472 exploit (ZeroLogon). — Microsoft Security Intelligence (@MsftSecIntel) October 6, 2020. — Microsoft Security Intelligence (@MsftSecIntel) October 6, 2020. states Microsoft. We strongly recommend patching. Pierluigi Paganini.

Cybercrime 121

Cybercrime Security Intelligence Authentication Banking 121

Security Affairs

MAY 20, 2021

Microsoft warns of a malware campaign that is spreading a RAT dubbed named STRRAT masquerading as ransomware. Microsoft Security Intelligence researchers uncovered a malware campaign that is spreading a remote access trojan (RAT) tracked as STRRAT. The latest version of the Java-based STRRAT malware (1.5)

Ransomware 128

Ransomware Malware Encryption Security Intelligence 128

Security Affairs

MAY 15, 2022

Microsoft Security Intelligence team Microsoft reported that a new variant of the Sysrv botnet, tracked as Sysrv-K, now includes exploits for vulnerabilities in the Spring Framework and WordPress. — Microsoft Security Intelligence (@MsftSecIntel) May 13, 2022.

Security Intelligence 88

Security Intelligence Malware Architecture Backups 88

Security Affairs

APRIL 29, 2021

Cybersecurity firm Kaspersky discovered a new strain of malware that is believed to be part of the arsenal of theUS Central Intelligence Agency (CIA). Cybersecurity firm Kaspersky has discovered a new malware that experts attribute to the US Central Intelligence Agency. We therefore named this malware Purple Lambert.”

Malware 109

Malware Hacking Government Telecommunications 109

Security Affairs

SEPTEMBER 24, 2020

Microsoft is actively tracking threat actor activity using exploits for the CVE-2020-1472 Netlogon EoP vulnerability, dubbed Zerologon. — Microsoft Security Intelligence (@MsftSecIntel) September 24, 2020. We strongly recommend customers to immediately apply security updates for CVE-2020-1472.

Security Intelligence 128

Security Intelligence Authentication Advertising Passwords 128

Security Affairs

SEPTEMBER 24, 2020

New Zealand’s Computer Emergency Response Team (CERT) also published a security alert warning of spam campaigns spreading the Emotet threat. jp) email addresses that have been infected with the infamous malware and that can be employed in further spam campaigns. Shared templates in paste.

Malware 129

Malware Passwords Advertising Cybercrime 129

Security Affairs

OCTOBER 6, 2020

In the middle-August, the malware was employed in fresh COVID19-themed spam campaign. Emotet is a modular malware, its operators could develop new Dynamic Link Libraries to update its capabilities. ” According to CISA, the surge in the attacks has rendered this malware one of the most prevalent ongoing threats.

Government 133

Government Banking Advertising Malware 133

Security Affairs

MAY 27, 2020

pic.twitter.com/Q3BMs7fSvx — Microsoft Security Intelligence (@MsftSecIntel) May 27, 2020. Learn how to build organizational security hygiene to prevent human-operated attacks: [link] — Microsoft Security Intelligence (@MsftSecIntel) May 27, 2020.

Ransomware 106

Ransomware Security Intelligence Encryption Advertising 106

Security Affairs

MAY 22, 2020

Experts from the Microsoft Security Intelligence team provided some details on a new “massive campaign” using COVID-19 themed emails. Researchers from the Microsoft Security Intelligence team provided some details on a new massive phishing campaign using COVID-19 themed emails. macros in malware campaigns.

Security Intelligence 90

Security Intelligence Advertising Phishing Malware 90

Security Affairs

OCTOBER 31, 2020

Crooks behind Emotet malware attempt to take advantage of the Halloween festivity, a new campaign could invite you to a Halloween party. Threat actors are attempting to take advantage of the Halloween festivities, a recent Emotet malware campaign spotted by BleepingComputer employed spam emails that invite recipients to a Halloween party.

Banking 106

Banking Malware Security Intelligence Advertising 106

Security Affairs

MAY 13, 2020

COVID-19 themed phishing campaigns recently observed by Microsoft was using messages with subject lines like “BUSINESS CONTINUITY PLAN ANNOUNCEMENT STARTING MAY 2020.” The emails in both campaigns use ARJ attachments that contain malicious executables disguised as PDF files.

Phishing 93

Phishing Advertising Banking Security Intelligence 93

Security Affairs

JULY 18, 2020

The notorious Emotet went into the dark since February 2020, but now has surged back with a new massive spam campaign targeting users worldwide. Emotet AAR for 2020/07/17- Well played Ivan, I dont usually do a Friday report but I did one just for you <3. link] — Joseph Roosen (@JRoosen) July 18, 2020. TNW and Be safe!

Advertising 90

Advertising Malware Banking Security Intelligence 90

Webroot

APRIL 21, 2021

Although cybercriminal activity throughout 2020 was as innovative as ever, some of the most noteworthy threat activity we saw came from the old familiar players, namely ransomware, business email compromise (BEC) and phishing. By September 2020, the average ransom payment peaked at $233,817. “In

Threat Reports 104

Threat Reports Phishing Ransomware Backups 104

Security Affairs

OCTOBER 12, 2020

The security firms have collected more than 125,000 TrickBot malware samples and mapped the command and control infrastructure. The TrickBot botnet was considered by security experts one of the biggest botnets. Microsoft took action against the Trickbot botnet, disrupting one of the world’s most persistent malware operations.

Banking 98

Banking Malware Advertising Financial Services 98

Security Affairs

DECEMBER 1, 2020

New blog: The threat actor BISMUTH, which has been running increasingly complex targeted attacks, deployed coin miners in campaigns from July to August 2020. Learn how the group tried to stay under the radar using threats perceived to be less alarming: [link] — Microsoft Security Intelligence (@MsftSecIntel) November 30, 2020.

Cryptocurrency 97

Cryptocurrency Antivirus Manufacturing Government 97

Malwarebytes

MAY 18, 2022

In a Twitter thread , the Microsoft Security Intelligence team have revealed new information about the latest versions of the Sysrv botnet. The Sysrv botnet first received attention at the end of 2020 because at the time it was one of the rare malware binaries written in Golang (aka GO). Linux malware. Background.

Cryptocurrency 68

Cryptocurrency IoT Malware DDOS 68

SC Magazine

MAY 14, 2021

American Airlines flight 718, a Boeing 737 Max, is seen parked at its gate at Miami International Airport as passengers board for a flight to New York on December 29, 2020 in Miami, Florida. A campaign of remote access trojans is targeting the aerospace and travel industries. Photo by Joe Raedle/Getty Images).

Phishing 126

Phishing Scams Security Awareness Security Intelligence 126

The Last Watchdog

JULY 30, 2018

More than 230,000 new malware samples are launched every day. The painful impact of cyber attacks on businesses is worsening despite advances in technology aimed at protecting enterprises from malicious network traffic, insider threats, malware, denial of service attacks and phishing campaigns. Categorizing solutions. Enterprise scale.

CISO 140

CISO Cyber Attacks Data collection Cybersecurity 140

CyberSecurity Insiders

JANUARY 25, 2022

.–( BUSINESS WIRE )– CSC , a world leader in business, legal, tax, and domain security, today announced key findings from its new report, which found that nearly 500,000 web domains were registered since January 2020 containing key COVID-related terms. At CSC, we believe domain security intelligence is power.

Artificial Intelligence 52

Artificial Intelligence Phishing Technology DNS 52

Security Affairs

OCTOBER 30, 2020

Organizations and security incidents in Kubernetes environments, these are 5 key components of the control plane that demand special attention. Organizations are no strangers to security incidents in their Kubernetes environments. For information on how to secure that part of a Kubernetes cluster, click here.

Advertising 97

Advertising Internet Internet VPN 97

Cisco Security

SEPTEMBER 30, 2021

In fact, 25% or more companies experienced a jump in cyber threats or alerts since March 2020 ( Cisco’s Future of Secure Remote Work Report ). The concern over ransomware attacks in a hybrid workplace increased 69% among leaders ( Security Magazine ). Seeking a secure and simple solution.

Marketing 109

Marketing Firewall Cybersecurity Cyber threats 109

Security Affairs

JULY 28, 2022

Microsoft linked a private-sector offensive actor (PSOA) to attacks using multiple zero-day exploits for its Subzero malware. Microsoft states that multiple news reports have linked the company to the Subzero malware toolset used to hack a broad range of devices, phones, computers, and network and internet-connected devices.

Surveillance 94

Surveillance Malware Authentication DNS 94

SC Magazine

JULY 2, 2021

In 2020, for example, the average ransom payment increased by 171% to $312,493, according to Palo Alto Networks. To protect themselves against a constant onslaught from organized ransomware gangs, organizations ideally require intelligence in the form of prior warning of the most serious incoming attacks.

Ransomware 59

Ransomware Engineering Encryption Insurance 59

Malwarebytes

OCTOBER 8, 2021

Attackers have always liked Office macros because they provide a simple and reliable method to spread malware using legitimate features, and without relying on any vulnerability or exploit. In May 2020, Microsoft itself warned about a massive COVID-19 themed campaign that used emails with attachments containing malicious Excel 4.0

Malware 122

Malware Security Intelligence 122

Webroot

JANUARY 7, 2022

2020 may have been the year of establishing remote connectivity and addressing the cybersecurity skills gap, but 2021 presented security experts, government officials and businesses with a series of unpresented challenges. Below, our security experts forecast where the main areas of concern lie in the year ahead. Ransomware.

Cybercrime 105

Cybercrime Phishing Ransomware Cryptocurrency 105

Security Affairs

OCTOBER 6, 2020

The Zerologon vulnerability, tracked as CVE-2020-1472 , is an elevation of privilege that resides in the Netlogon. Administrators of enterprise Windows Servers have to install the August 2020 Patch Tuesday to mitigate “unacceptable risk” posed by the flaw to federal networks. We strongly recommend patching.

Authentication 106

Authentication Advertising Architecture Security Intelligence 106

Security Affairs

NOVEMBER 17, 2021

Over the past year, Microsoft Threat Intelligence Center (MSTIC) has observed an evolution of the tools, techniques, and procedures employed by Iranian nation-state actors. Learn more from this blog summarizing these trends, as presented at #CyberWarCon : [link] — Microsoft Security Intelligence (@MsftSecIntel) November 16, 2021.

VPN 108

VPN Social Engineering Accountability Media 108

eSecurity Planet

JANUARY 27, 2022

Accenture acquired Symantec’s MSSP services in 2020. Intelligence: Threat intelligence and incident response services supported by IBM Security X-Force. Metrics: 300 billion security events processed daily. Delivery: Shared multi-tenant, on-premises, or as a service. See our in-depth look at IBM.

Firewall 109

Firewall Threat Detection DDOS Marketing 109

SC Magazine

JANUARY 29, 2021

The security firm, which first detected suspicious activity in early 2020, said the attack was based on a modified JSP file browser with a unique string that the adversary used to deploy “Explosive” V4 Remote Access Tool (RAT) or “Caterpillar” V2 WebShell in the victims’ networks.

Antivirus 93

Antivirus Malware Cyber threats Media 93

Security Affairs

APRIL 1, 2021

“The most recent extortion attack — peaking at more than 800 Gbps and targeting a European gambling company — was the biggest and most complex we’ve seen since the widespread return of extortion attacks that kicked off in mid-August 2020. reads the analysis published by Akamai. ” Likely DDoS extortion attacks. .

DDOS 88

DDOS Security Intelligence Hacking Cybersecurity 88

Security Affairs

OCTOBER 29, 2020

.” Microsoft Threat Intelligence Information Center (MSTIC) has uncovered activity by the threat actor PHOSPHOROUS, which has been masquerading as conference organizers and sending spoofed invitations by email to high-profile individuals. Get details here: [link] — Microsoft Security Intelligence (@MsftSecIntel) October 28, 2020.

Hacking 73

Hacking Security Intelligence Accountability Advertising 73

Security Affairs

MARCH 19, 2021

In the 2020 Cloud Native Survey , 91% of respondents told the Cloud Native Computing Foundation (CNCF) that they were using Kubernetes—an increase from 78% in 2019 and 58% a year earlier. For more information about other aspects of Amazon EKS security, click here.

Information Security 84

Information Security Security Intelligence Hacking Accountability 84