Document, Hacking, Information Security and Security Intelligence

Document

Hacking

Information Security

Security Intelligence

Microsoft disrupts SEABORGIUM ’s ongoing phishing operations

Security Affairs

AUGUST 15, 2022

Microsoft disrupted a hacking operation linked conducted by Russia-linked APT SEABORGIUM aimed at NATO countries. Microsoft has disrupted activity by SEABORGIUM, a Russia-based actor launching persistent phishing, credential and data theft, intrusions, and hack-and-leak campaigns tied to espionage. SecurityAffairs – hacking, NATO).

Phishing

Phishing Accountability Hacking Surveillance

SEO poisoning campaign aims at delivering RAT, Microsoft warns

Security Affairs

JUNE 14, 2021

Microsoft 365 Defender data shows that the SEO poisoning technique is effective, given that Microsoft Defender Antivirus has detected and blocked thousands of these PDF documents in numerous environments. — Microsoft Security Intelligence (@MsftSecIntel) June 11, 2021. SecurityAffairs – hacking, seo poisoning).

Antivirus

Antivirus Security Intelligence Malware Insurance

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Trending Sources

STRRAT RAT spreads masquerading as ransomware

Security Affairs

MAY 20, 2021

Microsoft Security Intelligence researchers uncovered a malware campaign that is spreading a remote access trojan (RAT) tracked as STRRAT. pic.twitter.com/mGow2sJupN — Microsoft Security Intelligence (@MsftSecIntel) May 19, 2021. STRRAT RAT was first spotted in June 2020 by G DATA who documented its features.

Ransomware

Ransomware Malware Encryption Security Intelligence

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Emotet operators are running Halloween-themed campaigns

Security Affairs

OCTOBER 31, 2020

Recent spam campaigns used messages with malicious Word documents, or links to them, pretending to be an invoice, shipping information, COVID-19 information , resumes, financial documents, or scanned documents. doc) attachments or include links to download the bait document. Source Bleeping Computer.

Banking

Banking Malware Security Intelligence Advertising

CISA alert warns of Emotet attacks on US govt entities

Security Affairs

OCTOBER 6, 2020

Recent spam campaigns used messages with malicious Word documents, or links to them, pretending to be an invoice, shipping information, COVID-19 information , resumes, financial documents, or scanned documents. pic.twitter.com/POppQ51uMX — Microsoft Security Intelligence (@MsftSecIntel) September 22, 2020.

Government

Government Banking Advertising Malware

Sysrv-K, a new variant of the Sysrv botnet includes new exploits

Security Affairs

MAY 15, 2022

Microsoft Security Intelligence team Microsoft reported that a new variant of the Sysrv botnet, tracked as Sysrv-K, now includes exploits for vulnerabilities in the Spring Framework and WordPress. — Microsoft Security Intelligence (@MsftSecIntel) May 13, 2022. SecurityAffairs – hacking, Sysrv botnet).

Security Intelligence

Security Intelligence Malware Architecture Backups

Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns

Security Affairs

SEPTEMBER 24, 2020

pic.twitter.com/POppQ51uMX — Microsoft Security Intelligence (@MsftSecIntel) September 22, 2020. Recent spam campaigns used messages with malicious Word documents, or links to them, pretending to be an invoice, shipping information, COVID-19 information , resumes, financial documents, or scanned documents.

Malware

Malware Passwords Advertising Cybercrime

Microsoft warns TA505 changed tactic in an ongoing malware campaign

Security Affairs

FEBRUARY 2, 2020

pic.twitter.com/mcRyEBUmQH — Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020. TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. pic.twitter.com/1qnx3NmwiB — Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020.

Malware

Malware Security Intelligence Banking Phishing

Threat actor has been targeting the aviation industry since at least 2018

Security Affairs

SEPTEMBER 18, 2021

Our researchers are closely monitoring the campaign and will share additional info and investigation guidance through Microsoft 365 security center and Microsoft Threat Experts. — Microsoft Security Intelligence (@MsftSecIntel) May 11, 2021. SecurityAffairs – hacking, malware). Pierluigi Paganini.

Malware

Malware Phishing DNS Cybercrime

Microsoft warns of spam campaign exploiting CVE-2017-11882 flaw

Security Affairs

JUNE 10, 2019

Spam messages are carrying weaponized RTF documents that could infect users with malware without any user interaction, just opening the RTF documents. pic.twitter.com/Ac6dYG9vvw — Microsoft Security Intelligence (@MsftSecIntel) June 7, 2019. Windows Defender ATP detects the documents as Exploit:O97M/CVE-2017-11882.AD

Security Intelligence

Security Intelligence Advertising Malware Information Security

Purple Lambert, a new malware of CIA-linked Lambert APT group

Security Affairs

APRIL 29, 2021

Across the years, the researchers found analyzed multiple backdoors and hacking tools composing the arsenal of the cyberespionage group. Researchers at company firm Symantec reportedly linked the CIA hacking tools to a number of cyber attacks launched in recent years by a threat actor the company identified as the Longhorn group.

Malware

Malware Hacking Government Telecommunications

5 Components of the Kubernetes Control Plane that Demand Special Attention in Your Security Strategy

Security Affairs

OCTOBER 30, 2020

It will then provide recommendations on how organizations can secure each of these components. Per Kubernetes’ documentation , kube-apiserver is the front end for the Kubernetes control plane. For information on how to secure that part of a Kubernetes cluster, click here. SecurityAffairs – hacking, Kubernetes).

Advertising

Advertising Internet Internet VPN

Microsoft warns of attacks delivering FlawedAmmyy RAT directly in memory

Security Affairs

JUNE 24, 2019

The macro included in the documents executes the legitimate msiexec.exe tool that downloads an MSI archive. pic.twitter.com/PQ2g7rvDQm — Microsoft Security Intelligence (@MsftSecIntel) June 21, 2019. — Microsoft Security Intelligence (@MsftSecIntel) June 21, 2019.

Security Intelligence

Security Intelligence Advertising Malware Banking

Australian Govt agency ACSC warns of Emotet and BlueKeep attacks

Security Affairs

NOVEMBER 11, 2019

” Recently, researchers warned of the first mass-hacking campaign exploiting the BlueKeep exploit , the attack aimed at installing a cryptocurrency miner on the infected systems. Read our latest blog w/ assist from @GossiTheDog & @MalwareTechBlog [link] — Microsoft Security Intelligence (@MsftSecIntel) November 7, 2019.

Small Business

Small Business Malware Cryptocurrency Advertising

Iran-linked APT groups continue to evolve

Security Affairs

NOVEMBER 17, 2021

Over the past year, Microsoft Threat Intelligence Center (MSTIC) has observed an evolution of the tools, techniques, and procedures employed by Iranian nation-state actors. Learn more from this blog summarizing these trends, as presented at #CyberWarCon : [link] — Microsoft Security Intelligence (@MsftSecIntel) November 16, 2021.

VPN

VPN Social Engineering Accountability Media

Why Focusing on Container Runtimes Is the Most Critical Piece of Security for EKS Workloads?

Security Affairs

MARCH 19, 2021

According to its documentation , Kubernetes comes with load balancing features that help to distribute high network traffic and keep the deployment stable. The guidance provided above can help admins ensure container runtime security in Amazon EKS. For more information about other aspects of Amazon EKS security, click here.

Information Security

Information Security Security Intelligence Hacking Accountability

Cybersecurity Checklist for Political Campaigns

Lenny Zeltser

MAY 3, 2019

To understand the basis for these recommendations, read the documents mentioned at the end of the post. Attackers stole sensitive documents. Adversaries have routinely pursued sensitive campaign documents. Consider when to send attachments and when to share links to documents in cloud storage. campaigns from around 2016.

Cybersecurity

Cybersecurity Social Engineering Authentication Software

Cyber Security Informer

Microsoft disrupts SEABORGIUM ’s ongoing phishing operations

SEO poisoning campaign aims at delivering RAT, Microsoft warns

Webinars

Trending Sources

STRRAT RAT spreads masquerading as ransomware

Webinars

Emotet operators are running Halloween-themed campaigns

CISA alert warns of Emotet attacks on US govt entities

Sysrv-K, a new variant of the Sysrv botnet includes new exploits

Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns

Microsoft warns TA505 changed tactic in an ongoing malware campaign

Threat actor has been targeting the aviation industry since at least 2018

Microsoft warns of spam campaign exploiting CVE-2017-11882 flaw

Purple Lambert, a new malware of CIA-linked Lambert APT group

5 Components of the Kubernetes Control Plane that Demand Special Attention in Your Security Strategy

Microsoft warns of attacks delivering FlawedAmmyy RAT directly in memory

Australian Govt agency ACSC warns of Emotet and BlueKeep attacks

Iran-linked APT groups continue to evolve

Why Focusing on Container Runtimes Is the Most Critical Piece of Security for EKS Workloads?

Cybersecurity Checklist for Political Campaigns

Stay Connected