Accountability, Information Security, Malware and Security Intelligence

Accountability

Information Security

Malware

Security Intelligence

Microsoft spotted multiple malspam campaigns using malware-laced ISO and IMG files

Security Affairs

MAY 4, 2020

Microsoft warns of threat actors targeting organizations with malware-laced ISO and IMG files aimed at delivering a remote access trojan. Microsoft advanced machine learning threat detection models detected multiple malspam campaigns distributing malware-laced ISO. Pierluigi Paganini. SecurityAffairs – COVID-19, malspam).

Small Business

Small Business Malware Manufacturing Security Intelligence

STRRAT RAT spreads masquerading as ransomware

Security Affairs

MAY 20, 2021

Microsoft warns of a malware campaign that is spreading a RAT dubbed named STRRAT masquerading as ransomware. Microsoft Security Intelligence researchers uncovered a malware campaign that is spreading a remote access trojan (RAT) tracked as STRRAT. The latest version of the Java-based STRRAT malware (1.5)

Ransomware

Ransomware Malware Encryption Security Intelligence

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Trending Sources

Microsoft warns of attacks targeting MSSQL servers using the tool sqlps

Security Affairs

MAY 18, 2022

pic.twitter.com/Tro0NfMD0j — Microsoft Security Intelligence (@MsftSecIntel) May 17, 2022. The attackers also use sqlps.exe to create a new account that they add to the sysadmin role, enabling them to take full control of the SQL server. — Microsoft Security Intelligence (@MsftSecIntel) May 17, 2022.

Security Intelligence

Security Intelligence Hacking Accountability Malware

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 10, 2020

Security experts from cyber-security firm Prevailion reported that TA505 has compromised more than 1,000 organizations. The malicious updates employed in the Zerologon attacks are able to bypass the user account control (UAC) security feature in Windows and abuse the Windows Script Host tool (wscript.exe) to execute malicious scripts.

Cybercrime

Cybercrime Security Intelligence Authentication Banking

Microsoft Defender can now protect servers against ProxyLogon attacks

Security Affairs

MARCH 21, 2021

. “Today, we have taken an additional step to further support our customers who are still vulnerable and have not yet implemented the complete security update. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. ” reads the announcement published by Microsoft.

Antivirus

Antivirus Small Business Security Intelligence Hacking

Researchers warn of a surge in cyber attacks against Microsoft Exchange

Security Affairs

MARCH 12, 2021

The IT giant reported that at least one China linked APT group, tracked as HAFNIUM , chained these vulnerabilities to access on-premises Exchange servers to access email accounts, and install backdoors to maintain access to victim environments. — Microsoft Security Intelligence (@MsftSecIntel) March 12, 2021.

Cyber Attacks

Cyber Attacks Cybercrime Authentication Hacking

5 Components of the Kubernetes Control Plane that Demand Special Attention in Your Security Strategy

Security Affairs

OCTOBER 30, 2020

They can also follow the recommendations that StackRox made in September 2020 by restricting the feature’s file permissions, configuring to serve only HTTPs, binding it to a localhost interfact and using Kubernetes RBAC to allow access to individual service accounts per controller. cloud-controller-manager. What is it?

Advertising

Advertising Internet Internet VPN

European firm DSIRF behind the attacks with Subzero surveillance malware

Security Affairs

JULY 28, 2022

Microsoft linked a private-sector offensive actor (PSOA) to attacks using multiple zero-day exploits for its Subzero malware. Microsoft states that multiple news reports have linked the company to the Subzero malware toolset used to hack a broad range of devices, phones, computers, and network and internet-connected devices.

Surveillance

Surveillance Malware Authentication DNS

Cyber Security Awareness and Risk Management

Spinone

DECEMBER 26, 2018

Cyber threat management , being an advanced discipline, craves analytical attention and a commander’s strategic skills of information security executives to confront and overcome the multi-dimensional cyber threats. You will create cyber awareness among your staff, as well as users, partners, customers.

Security Awareness

Security Awareness Risk Cyber threats Cyber Risk

Black Hat Asia 2022 Continued: Cisco Secure Integrations

Cisco Security

MAY 27, 2022

Malware Threat Intelligence made easy and available, with Cisco Secure Malware Analytics and SecureX by Ben Greenbaum . SecureX: Bringing Threat Intelligence Together by Ian Redden . Secure Endpoint for iOS/Security Connector . Secure Malware Analytics (formerly Threat Grid) .

Malware

Malware Accountability DNS Technology

Iran-linked APT groups continue to evolve

Security Affairs

NOVEMBER 17, 2021

Over the past year, Microsoft Threat Intelligence Center (MSTIC) has observed an evolution of the tools, techniques, and procedures employed by Iranian nation-state actors. Learn more from this blog summarizing these trends, as presented at #CyberWarCon : [link] — Microsoft Security Intelligence (@MsftSecIntel) November 16, 2021.

VPN

VPN Social Engineering Accountability Media

Microsoft blocked Polonium attacks against Israeli organizations

Security Affairs

JUNE 3, 2022

Threat actors were observed abusing OneDrive, for this reason, the IT giant has suspended more than 20 malicious OneDrive applications created by POLONIUM actors, notified affected organizations, and deployed a series of security intelligence updates that will quarantine malicious tools developed by the attackers.

Security Intelligence

Security Intelligence Antivirus Hacking Authentication

Iran-linked Phosphorous APT hacked emails of security conference attendees

Security Affairs

OCTOBER 29, 2020

Iran-linked APT group Phosphorus successfully hacked into the email accounts of multiple high-profile individuals and security conference attendees. “Phosphorus, an Iranian actor, has targeted with this scheme potential attendees of the upcoming Munich Security Conference and the Think 20 (T20) Summit in Saudi Arabia.”

Hacking

Hacking Security Intelligence Accountability Advertising

Why Focusing on Container Runtimes Is the Most Critical Piece of Security for EKS Workloads?

Security Affairs

MARCH 19, 2021

In particular, they might consider limiting their use of ClusterRoles and ClusterRoleBindings, as these assignments could enable an attacker to move to other cluster resources if they compromise a single user account. The guidance provided above can help admins ensure container runtime security in Amazon EKS.

Information Security

Information Security Security Intelligence Hacking Accountability

Cybersecurity Checklist for Political Campaigns

Lenny Zeltser

MAY 3, 2019

Modern applications support features that attackers can abuse to install malware on your system. Enable as many OS and app security features as practical. Use modern, reputable anti-malware software. Don’t share user accounts with others on your team. the G Suite security checklist ). government.

Cybersecurity

Cybersecurity Social Engineering Authentication Software

Cyber Security Informer

Microsoft spotted multiple malspam campaigns using malware-laced ISO and IMG files

STRRAT RAT spreads masquerading as ransomware

Webinars

Trending Sources

Microsoft warns of attacks targeting MSSQL servers using the tool sqlps

Webinars

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Microsoft Defender can now protect servers against ProxyLogon attacks

Researchers warn of a surge in cyber attacks against Microsoft Exchange

5 Components of the Kubernetes Control Plane that Demand Special Attention in Your Security Strategy

European firm DSIRF behind the attacks with Subzero surveillance malware

Cyber Security Awareness and Risk Management

Black Hat Asia 2022 Continued: Cisco Secure Integrations

Iran-linked APT groups continue to evolve

Microsoft blocked Polonium attacks against Israeli organizations

Iran-linked Phosphorous APT hacked emails of security conference attendees

Why Focusing on Container Runtimes Is the Most Critical Piece of Security for EKS Workloads?

Cybersecurity Checklist for Political Campaigns

Stay Connected