Authentication, Hacking, Information Security and Security Intelligence

Authentication

Hacking

Information Security

Security Intelligence

Iran-linked Phosphorous APT hacked emails of security conference attendees

Security Affairs

OCTOBER 29, 2020

Iran-linked APT group Phosphorus successfully hacked into the email accounts of multiple high-profile individuals and security conference attendees. “Phosphorus, an Iranian actor, has targeted with this scheme potential attendees of the upcoming Munich Security Conference and the Think 20 (T20) Summit in Saudi Arabia.”

Hacking

Hacking Security Intelligence Accountability Advertising

Hackers are using Zerologon exploits in attacks in the wild

Security Affairs

SEPTEMBER 24, 2020

— Microsoft Security Intelligence (@MsftSecIntel) September 24, 2020. We strongly recommend customers to immediately apply security updates for CVE-2020-1472. We strongly recommend customers to immediately apply security updates for CVE-2020-1472. SecurityAffairs – hacking, ZeroLogon). Pierluigi Paganini.

Security Intelligence

Security Intelligence Authentication Advertising Passwords

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Trending Sources

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 10, 2020

TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. — Microsoft Security Intelligence (@MsftSecIntel) October 6, 2020. — Microsoft Security Intelligence (@MsftSecIntel) October 6, 2020. SecurityAffairs – hacking, Zerologon). states Microsoft.

Cybercrime

Cybercrime Security Intelligence Authentication Banking

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Microsoft blocked Polonium attacks against Israeli organizations

Security Affairs

JUNE 3, 2022

Microsoft blocked an attack activity aimed at Israeli organizations attributed to a previously unknown Lebanon-based hacking group tracked as POLONIUM. Microsoft announced to have blocked a series of attacks targeting Israeli organizations that have been conducted by a previously unknown Lebanon-based hacking group tracked as POLONIUM.

Security Intelligence

Security Intelligence Antivirus Hacking Authentication

New InfectedSlurs Mirai-based botnet exploits two zero-days

Security Affairs

NOVEMBER 22, 2023

In October, Akamai’s Security Intelligence Response Team (SIRT) noticed an anomalous activity to the company’s honeypots targeting a rarely used TCP port. The probes were of low frequency and appeared to first attempt an authentication via a POST request and then, upon success, attempt a command injection exploitation.”

DDOS

DDOS Wireless Security Intelligence Authentication

Researchers warn of a surge in cyber attacks against Microsoft Exchange

Security Affairs

MARCH 12, 2021

Below the details of the ProxyLogon vulnerabilities: The first zero-day, tracked as CVE-2021-26855 , is a server-side request forgery (SSRF) vulnerability in Exchange that could be exploited by an attacker to authenticate as the Exchange server by sending arbitrary HTTP requests. SecurityAffairs – hacking, Microsoft Exchange).

Cyber Attacks

Cyber Attacks Cybercrime Authentication Hacking

SolarWinds Serv-U bug exploited for Log4j attacks

Security Affairs

JANUARY 19, 2022

According to the advisory published by SolarWinds, the Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized. “The Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized,” reads the advisory published by SolarWinds.

Authentication

Authentication Hacking Ransomware Security Intelligence

European firm DSIRF behind the attacks with Subzero surveillance malware

Security Affairs

JULY 28, 2022

The DSIRF website states the provide services “to multinational corporations in the technology, retail, energy and financial sectors ” and that they have “ a set of highly sophisticated techniques in gathering and analyzing information. Confirm that Microsoft Defender Antivirus is updated to security intelligence update 1.371.503.0

Surveillance

Surveillance Malware Authentication DNS

Iran-linked APT is exploiting the Zerologon flaw in attacks

Security Affairs

OCTOBER 6, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. SecurityAffairs – hacking, Zerologon). We strongly recommend patching. Pierluigi Paganini.

Authentication

Authentication Advertising Architecture Security Intelligence

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

Security Affairs

JANUARY 26, 2023

Microsoft has disrupted activity by SEABORGIUM, a Russia-based actor launching persistent phishing, credential and data theft, intrusions, and hack-and-leak campaigns tied to espionage.

Phishing

Phishing Media Hacking Education

Iran-linked APT groups continue to evolve

Security Affairs

NOVEMBER 17, 2021

Over the past year, Microsoft Threat Intelligence Center (MSTIC) has observed an evolution of the tools, techniques, and procedures employed by Iranian nation-state actors. Learn more from this blog summarizing these trends, as presented at #CyberWarCon : [link] — Microsoft Security Intelligence (@MsftSecIntel) November 16, 2021.

VPN

VPN Social Engineering Accountability Media

Cybersecurity Checklist for Political Campaigns

Lenny Zeltser

MAY 3, 2019

Enabling two-factor authentication is perhaps the most important step toward resisting such tactics (attackers have intercepted SMS codes, so use other methods, if possible). More broadly: Enable two-factor authentication everywhere. Require authentication for printer, server, computer, and device access even on local networks.

Cybersecurity

Cybersecurity Social Engineering Authentication Software

Black Hat Asia 2022 Continued: Cisco Secure Integrations

Cisco Security

MAY 27, 2022

Training course at time in location: “Web Hacking Black Belt Edition”. The description for the training “Web Hacking Black Belt Edition” can be seen here: [link]. With SecureX sign-on we can log into all the products only having to type a password one time and approve one Cisco DUO Multi-Factor Authentication (MFA) push.

Malware

Malware Accountability DNS Technology

The number of exploits in the Echobot botnet reached 59

Security Affairs

AUGUST 7, 2019

At the time of its discovery, operators added 8 new exploits, but a few weeks later the popular expert Larry Cashdollar from Akamai’s Security Intelligence Response Team (SIRT) discovered a variant that included a total of 26 exploits. Authentication Bypass / Remote Command Execution EnGenius EnShare IoT Gigabit Cloud Service 1.4.11

Wireless

Wireless IoT Advertising Surveillance

Cyber Security Informer

Iran-linked Phosphorous APT hacked emails of security conference attendees

Hackers are using Zerologon exploits in attacks in the wild

Webinars

Trending Sources

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Webinars

Microsoft blocked Polonium attacks against Israeli organizations

New InfectedSlurs Mirai-based botnet exploits two zero-days

Researchers warn of a surge in cyber attacks against Microsoft Exchange

SolarWinds Serv-U bug exploited for Log4j attacks

European firm DSIRF behind the attacks with Subzero surveillance malware

Iran-linked APT is exploiting the Zerologon flaw in attacks

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

Iran-linked APT groups continue to evolve

Cybersecurity Checklist for Political Campaigns

Black Hat Asia 2022 Continued: Cisco Secure Integrations

The number of exploits in the Echobot botnet reached 59

Stay Connected