Government, Information Security and Security Intelligence

Finnish intelligence warns of Russia’s cyberespionage activities

Security Affairs

OCTOBER 3, 2022

The Finnish Security Intelligence Service ( SUPO ) warns Russia will highly likely intensify its cyber activity over the winter. The Finnish Security Intelligence Service ( Suojelupoliisi or SUPO ) warn of a highly likely intensification of cyberespionage activities conducted by Russia-linked threat actors over the winter.

Security Intelligence

Security Intelligence Manufacturing Cyber threats Accountability

Updated Kmsdx botnet targets IoT devices

Security Affairs

AUGUST 28, 2023

The Akamai Security Intelligence Response Team (SIRT) discovered a new version of the KmsdBot botnet that employed an updated Kmsdx binary targeting Internet of Things (IoT) devices. The bot targets private gaming servers, cloud hosting providers, and certain government and educational sites.

IoT

IoT DDOS Architecture Internet

CISA alert warns of Emotet attacks on US govt entities

Security Affairs

OCTOBER 6, 2020

The CISA agency is warning of a surge in Emotet attacks targeting multiple state and local governments in the US since August. The Cybersecurity and Infrastructure Security Agency (CISA) issued an alert to warn of a surge of Emotet attacks that have targeted multiple state and local governments in the U.S. since August.

Government

Government Banking Advertising Malware

Webinars

Human-Centered Cyber Security Training: Driving Real Impact on Security Culture

MORE WEBINARS

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 10, 2020

— Microsoft Security Intelligence (@MsftSecIntel) October 6, 2020. — Microsoft Security Intelligence (@MsftSecIntel) October 6, 2020. Microsoft 365 Defender customers can also refer to these detections: [link] — Microsoft Security Intelligence (@MsftSecIntel) October 5, 2020.

Cybercrime

Cybercrime Security Intelligence Authentication Banking

Russia-linked Nobelium APT targets orgs in the global IT supply chain

Security Affairs

OCTOBER 25, 2021

NOBELIUM focuses on government organizations, non-government organizations (NGOs), think tanks, military, IT service providers, health technology and research, and telecommunications providers.

Telecommunications

Telecommunications Technology Hacking Malware

Canadian intelligence agencies CSE and CSIS are divided on Huawei 5G ban

Security Affairs

NOVEMBER 14, 2019

The Canadian Security Intelligence Service (CSIS) and the Communications Security Establishment (CSE) are divided over the ban of Huawei 5G technology. The Canadian Security Intelligence Service (CSIS) and the Communications Security Establishment (CSE) agencies are divided over the ban of Huawei 5G technology.

Government

Government Telecommunications Wireless Security Intelligence

Demand, CyberInsurance, and Automation/AI Are the Future of InfoSec

Daniel Miessler

NOVEMBER 6, 2020

I think there are four main trends that will play out in the field of information security in the next 20 years. The world’s small businesses, hospitals, schools, and local governments are starved for cybersecurity talent, and there aren’t nearly enough people to fill the roles. Image from information-age.com.

InfoSec

InfoSec Insurance Artificial Intelligence Cybersecurity

Microsoft warns TA505 changed tactic in an ongoing malware campaign

Security Affairs

FEBRUARY 2, 2020

pic.twitter.com/mcRyEBUmQH — Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020. Security experts from cyber-security firm Prevailion reported that TA505 has compromised more than 1,000 organizations. pic.twitter.com/1qnx3NmwiB — Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020.

Malware

Malware Security Intelligence Banking Phishing

Emotet operators are running Halloween-themed campaigns

Security Affairs

OCTOBER 31, 2020

Recently, the Cybersecurity and Infrastructure Security Agency (CISA) issued an alert to warn of a surge of Emotet attacks that have targeted multiple state and local governments in the U.S. Researchers from Microsoft Security Intelligence are also warning of the ongoing Halloween-themed Emotet campaign. since August.

Banking

Banking Malware Security Intelligence Advertising

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

Security Affairs

NOVEMBER 11, 2022

Get TTPs and protection info: [link] — Microsoft Security Intelligence (@MsftSecIntel) October 14, 2022. Microsoft has identified a new ransomware strain "Prestige" in limited targeted attacks in Ukraine and Poland. Several notable features differentiate this ransomware from other campaigns and payloads tracked by MSTIC.

Ransomware

Ransomware Telecommunications DNS Hacking

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

Security Affairs

DECEMBER 1, 2020

Learn how the group tried to stay under the radar using threats perceived to be less alarming: [link] — Microsoft Security Intelligence (@MsftSecIntel) November 30, 2020. The hackers targeted organizations across multiple industries and have also hit foreign governments, dissidents, and journalists. ” Microsoft said.

Cryptocurrency

Cryptocurrency Antivirus Manufacturing Government

Researchers warn of a surge in cyber attacks against Microsoft Exchange

Security Affairs

MARCH 12, 2021

Most targeted sectors have been Government/Military (17% of all exploit attempts), followed by Manufacturing (14%), and then Banking (11%). — Microsoft Security Intelligence (@MsftSecIntel) March 12, 2021. Microsoft protects against this threat known as Ransom:Win32/DoejoCrypt.A, and also as DearCry. Pierluigi Paganini.

Cyber Attacks

Cyber Attacks Cybercrime Authentication Hacking

Purple Lambert, a new malware of CIA-linked Lambert APT group

Security Affairs

APRIL 29, 2021

In April 2017, Symantec security experts who analyzed the alleged CIA hacking tools included in the Vault 7 dump that were involved in attacks aimed at least 40 governments and private organizations across 16 countries. According to the firm, the US cyber spies are targeting various industry sectors and government agencies.

Malware

Malware Hacking Government Telecommunications

10 Reasons to Trust Your Enterprise APIs

Cisco Security

AUGUST 30, 2021

Using this list as a backdrop the following best practices are presented as a call to action to help organizations take a proactive approach at addressing API security risk. Your team many find the resources and community support on Cisco DevNet as a great way to connect, secure, and automate APIs. Maps to API1-API10. Maps to API10.

Software

Software Authentication Risk Encryption

Microsoft partnered with other security firms to takedown TrickBot botnet

Security Affairs

OCTOBER 12, 2020

link] — Microsoft Security Intelligence (@MsftSecIntel) October 12, 2020. This action will result in protection for a wide range of organizations, including financial services institutions, government, healthcare, and other verticals from malware and human-operated campaigns delivered via the Trickbot infrastructure.”

Banking

Banking Malware Advertising Financial Services

Australian Govt agency ACSC warns of Emotet and BlueKeep attacks

Security Affairs

NOVEMBER 11, 2019

The Australian agency also warns of Emotet campaigns that in the last months hit the country posing a significant threat for both organizations and government offices. Read our latest blog w/ assist from @GossiTheDog & @MalwareTechBlog [link] — Microsoft Security Intelligence (@MsftSecIntel) November 7, 2019.

Small Business

Small Business Malware Cryptocurrency Advertising

Cyber Security Awareness and Risk Management

Spinone

DECEMBER 26, 2018

Cyber threat management , being an advanced discipline, craves analytical attention and a commander’s strategic skills of information security executives to confront and overcome the multi-dimensional cyber threats.

Security Awareness

Security Awareness Risk Cyber threats Cyber Risk

The number of ransomware attacks targeting Finland increased fourfold since it started the process to join NATO

Security Affairs

AUGUST 7, 2023

In June, the Finnish government expelled nine diplomats from the Russian embassy in Helsinki and accused them of cyber espionage for Moscow. Vladimir Putin issued multiple warnings that Russia would respond in kind if Nato set up military infrastructure in Finland after they joined the alliance.

Ransomware

Ransomware Government Cyber threats Security Intelligence

Microsoft blocked Polonium attacks against Israeli organizations

Security Affairs

JUNE 3, 2022

Threat actors were observed abusing OneDrive, for this reason, the IT giant has suspended more than 20 malicious OneDrive applications created by POLONIUM actors, notified affected organizations, and deployed a series of security intelligence updates that will quarantine malicious tools developed by the attackers.

Security Intelligence

Security Intelligence Antivirus Hacking Authentication

Iran-linked APT groups continue to evolve

Security Affairs

NOVEMBER 17, 2021

Over the past year, Microsoft Threat Intelligence Center (MSTIC) has observed an evolution of the tools, techniques, and procedures employed by Iranian nation-state actors. Learn more from this blog summarizing these trends, as presented at #CyberWarCon : [link] — Microsoft Security Intelligence (@MsftSecIntel) November 16, 2021.

VPN

VPN Social Engineering Accountability Media

Iran-linked Phosphorous APT hacked emails of security conference attendees

Security Affairs

OCTOBER 29, 2020

.” Microsoft Threat Intelligence Information Center (MSTIC) has uncovered activity by the threat actor PHOSPHOROUS, which has been masquerading as conference organizers and sending spoofed invitations by email to high-profile individuals. Data was exfiltrated to the de-ma[.]online online domain, and the g20saudi.000webhostapp[.]com,

Hacking

Hacking Security Intelligence Accountability Advertising

Iran-linked APT is exploiting the Zerologon flaw in attacks

Security Affairs

OCTOBER 6, 2020

Microsoft 365 Defender customers can also refer to these detections: [link] — Microsoft Security Intelligence (@MsftSecIntel) October 5, 2020. MSTIC has observed activity by the nation-state actor MERCURY using the CVE-2020-1472 exploit (ZeroLogon) in active campaigns over the last 2 weeks. We strongly recommend patching.

Authentication

Authentication Advertising Architecture Security Intelligence

Cybersecurity Checklist for Political Campaigns

Lenny Zeltser

MAY 3, 2019

government. I formulated the advice above mostly based on the tactics used against 2016 and 2018 election campaigns in the United States, as publicly described by the news media, cybersecurity companies, and the U.S.

Cybersecurity

Cybersecurity Social Engineering Authentication Software

Recorded Future to Provide Free Access to Elite Intelligence Through New Browser Extension

Security Affairs

MAY 5, 2020

Level up Your Security Program With the Same Security Intelligence Used by the World’s Largest Governments and Many of the Fortune 1000. Recorded Future real-time security intelligence helps users instantly understand which vulnerabilities pose the most risk, so they can patch those first.

Security Intelligence

Security Intelligence Risk Advertising Malware

Cyber Security Informer

Finnish intelligence warns of Russia’s cyberespionage activities

Updated Kmsdx botnet targets IoT devices

Webinars

Trending Sources

CISA alert warns of Emotet attacks on US govt entities

Webinars

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Russia-linked Nobelium APT targets orgs in the global IT supply chain

Canadian intelligence agencies CSE and CSIS are divided on Huawei 5G ban

Demand, CyberInsurance, and Automation/AI Are the Future of InfoSec

Microsoft warns TA505 changed tactic in an ongoing malware campaign

Emotet operators are running Halloween-themed campaigns

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

Researchers warn of a surge in cyber attacks against Microsoft Exchange

Purple Lambert, a new malware of CIA-linked Lambert APT group

10 Reasons to Trust Your Enterprise APIs

Microsoft partnered with other security firms to takedown TrickBot botnet

Australian Govt agency ACSC warns of Emotet and BlueKeep attacks

Cyber Security Awareness and Risk Management

The number of ransomware attacks targeting Finland increased fourfold since it started the process to join NATO

Microsoft blocked Polonium attacks against Israeli organizations

Iran-linked APT groups continue to evolve

Iran-linked Phosphorous APT hacked emails of security conference attendees

Iran-linked APT is exploiting the Zerologon flaw in attacks

Cybersecurity Checklist for Political Campaigns

Recorded Future to Provide Free Access to Elite Intelligence Through New Browser Extension

Stay Connected