Authentication, Information Security, Malware and Security Intelligence

Authentication

Information Security

Malware

Security Intelligence

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 10, 2020

— Microsoft Security Intelligence (@MsftSecIntel) October 6, 2020. — Microsoft Security Intelligence (@MsftSecIntel) October 6, 2020. Attacks showing up in commodity malware like those used by the threat actor CHIMBORAZO indicate broader exploitation in the near term.” states Microsoft.

Cybercrime

Cybercrime Security Intelligence Authentication Banking

New InfectedSlurs Mirai-based botnet exploits two zero-days

Security Affairs

NOVEMBER 22, 2023

In October, Akamai’s Security Intelligence Response Team (SIRT) noticed an anomalous activity to the company’s honeypots targeting a rarely used TCP port. The probes were of low frequency and appeared to first attempt an authentication via a POST request and then, upon success, attempt a command injection exploitation.”

DDOS

DDOS Wireless Security Intelligence Authentication

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Trending Sources

Hackers are using Zerologon exploits in attacks in the wild

Security Affairs

SEPTEMBER 24, 2020

— Microsoft Security Intelligence (@MsftSecIntel) September 24, 2020. We strongly recommend customers to immediately apply security updates for CVE-2020-1472. We strongly recommend customers to immediately apply security updates for CVE-2020-1472.

Security Intelligence

Security Intelligence Authentication Advertising Passwords

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Researchers warn of a surge in cyber attacks against Microsoft Exchange

Security Affairs

MARCH 12, 2021

Below the details of the ProxyLogon vulnerabilities: The first zero-day, tracked as CVE-2021-26855 , is a server-side request forgery (SSRF) vulnerability in Exchange that could be exploited by an attacker to authenticate as the Exchange server by sending arbitrary HTTP requests. and also as DearCry.

Cyber Attacks

Cyber Attacks Cybercrime Authentication Hacking

European firm DSIRF behind the attacks with Subzero surveillance malware

Security Affairs

JULY 28, 2022

Microsoft linked a private-sector offensive actor (PSOA) to attacks using multiple zero-day exploits for its Subzero malware. Microsoft states that multiple news reports have linked the company to the Subzero malware toolset used to hack a broad range of devices, phones, computers, and network and internet-connected devices.

Surveillance

Surveillance Malware Authentication DNS

The number of exploits in the Echobot botnet reached 59

Security Affairs

AUGUST 7, 2019

At the time of its discovery, operators added 8 new exploits, but a few weeks later the popular expert Larry Cashdollar from Akamai’s Security Intelligence Response Team (SIRT) discovered a variant that included a total of 26 exploits. Authentication Bypass / Remote Command Execution EnGenius EnShare IoT Gigabit Cloud Service 1.4.11

Wireless

Wireless IoT Advertising Surveillance

Black Hat Asia 2022 Continued: Cisco Secure Integrations

Cisco Security

MAY 27, 2022

Malware Threat Intelligence made easy and available, with Cisco Secure Malware Analytics and SecureX by Ben Greenbaum . SecureX: Bringing Threat Intelligence Together by Ian Redden . Secure Endpoint for iOS/Security Connector . Secure Malware Analytics (formerly Threat Grid) .

Malware

Malware Accountability DNS Technology

Microsoft blocked Polonium attacks against Israeli organizations

Security Affairs

JUNE 3, 2022

Threat actors were observed abusing OneDrive, for this reason, the IT giant has suspended more than 20 malicious OneDrive applications created by POLONIUM actors, notified affected organizations, and deployed a series of security intelligence updates that will quarantine malicious tools developed by the attackers.

Security Intelligence

Security Intelligence Antivirus Hacking Authentication

Iran-linked APT groups continue to evolve

Security Affairs

NOVEMBER 17, 2021

Over the past year, Microsoft Threat Intelligence Center (MSTIC) has observed an evolution of the tools, techniques, and procedures employed by Iranian nation-state actors. Learn more from this blog summarizing these trends, as presented at #CyberWarCon : [link] — Microsoft Security Intelligence (@MsftSecIntel) November 16, 2021.

VPN

VPN Social Engineering Accountability Media

Iran-linked APT is exploiting the Zerologon flaw in attacks

Security Affairs

OCTOBER 6, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. The Zerologon vulnerability, tracked as CVE-2020-1472 , is an elevation of privilege that resides in the Netlogon.

Authentication

Authentication Advertising Architecture Security Intelligence

Iran-linked Phosphorous APT hacked emails of security conference attendees

Security Affairs

OCTOBER 29, 2020

.” Microsoft Threat Intelligence Information Center (MSTIC) has uncovered activity by the threat actor PHOSPHOROUS, which has been masquerading as conference organizers and sending spoofed invitations by email to high-profile individuals. ” suggest Microsoft.

Hacking

Hacking Security Intelligence Accountability Advertising

Cybersecurity Checklist for Political Campaigns

Lenny Zeltser

MAY 3, 2019

Modern applications support features that attackers can abuse to install malware on your system. Enable as many OS and app security features as practical. Use modern, reputable anti-malware software. More broadly: Enable two-factor authentication everywhere. Require two-factor authentication for all accounts.

Cybersecurity

Cybersecurity Social Engineering Authentication Software

Cyber Security Informer

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

New InfectedSlurs Mirai-based botnet exploits two zero-days

Webinars

Trending Sources

Hackers are using Zerologon exploits in attacks in the wild

Webinars

Researchers warn of a surge in cyber attacks against Microsoft Exchange

European firm DSIRF behind the attacks with Subzero surveillance malware

The number of exploits in the Echobot botnet reached 59

Black Hat Asia 2022 Continued: Cisco Secure Integrations

Microsoft blocked Polonium attacks against Israeli organizations

Iran-linked APT groups continue to evolve

Iran-linked APT is exploiting the Zerologon flaw in attacks

Iran-linked Phosphorous APT hacked emails of security conference attendees

Cybersecurity Checklist for Political Campaigns

Stay Connected