Security Affairs

MAY 15, 2022

Microsoft Security Intelligence team Microsoft reported that a new variant of the Sysrv botnet, tracked as Sysrv-K, now includes exploits for vulnerabilities in the Spring Framework and WordPress. — Microsoft Security Intelligence (@MsftSecIntel) May 13, 2022. SecurityAffairs – hacking, Sysrv botnet).

Security Intelligence 84

Security Intelligence Malware Architecture Backups 84

Security Affairs

DECEMBER 17, 2023

On December 6, The Akamai Security Intelligence Response Team (SIRT) published the first update to the InfectedSlurs advisory series. The security firm revealed that threat actors were exploiting a vulnerability, tracked as CVE-2023-49897 (CVSS score 8.0) and earlier. .

Firmware 115

Firmware Wireless DDOS IoT 115

Security Affairs

AUGUST 28, 2023

The Akamai Security Intelligence Response Team (SIRT) discovered a new version of the KmsdBot botnet that employed an updated Kmsdx binary targeting Internet of Things (IoT) devices. The malware was employed in cryptocurrency mining campaigns and to launch denial-of-service (DDoS) attacks.

IoT 90

IoT DDOS Architecture Internet 90

Security Affairs

JULY 1, 2022

Microsoft Security Intelligence experts are warning of a long-running campaign conducted by a cloud threat actor group, tracked as 8220, that is now targeting Linux servers to install crypto miners. “We observed notable updates to the long-running malware campaign targeting Linux systems by a group known as the 8220 gang.”

Security Intelligence 86

Security Intelligence Malware Hacking Information Security 86

Security Affairs

OCTOBER 10, 2020

TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. — Microsoft Security Intelligence (@MsftSecIntel) October 6, 2020. — Microsoft Security Intelligence (@MsftSecIntel) October 6, 2020. SecurityAffairs – hacking, Zerologon). states Microsoft.

Cybercrime 119

Cybercrime Security Intelligence Authentication Banking 119

Security Affairs

NOVEMBER 22, 2023

In October, Akamai’s Security Intelligence Response Team (SIRT) noticed an anomalous activity to the company’s honeypots targeting a rarely used TCP port. The InfectedSlurs is based on the JenX Mirai malware variant that in 2018 leveraged the Grand Theft Auto videogame community to infect devices.

DDOS 114

DDOS Wireless Security Intelligence Authentication 114

Security Affairs

OCTOBER 25, 2021

The NOBELIUM APT ( APT29 , Cozy Bear , and The Dukes) is the threat actor that conducted supply chain attack against SolarWinds, which involved multiple families of implants, including the SUNBURST backdoor , TEARDROP malware , GoldMax malware , Sibot , and GoldFinder backdoors. SecurityAffairs – hacking, cyber security).

Telecommunications 110

Telecommunications Technology Hacking Malware 110

Security Affairs

SEPTEMBER 24, 2020

New Zealand’s Computer Emergency Response Team (CERT) also published a security alert warning of spam campaigns spreading the Emotet threat. jp) email addresses that have been infected with the infamous malware and that can be employed in further spam campaigns. Today was only about a dozen replychain and nothing else.

Malware 126

Malware Passwords Advertising Cybercrime 126

Security Affairs

JUNE 14, 2021

— Microsoft Security Intelligence (@MsftSecIntel) June 11, 2021. The sites appear as a clone of Google Drive web pages used to serve the SolarMaker malware. pic.twitter.com/cBeTfteyGl — Microsoft Security Intelligence (@MsftSecIntel) June 11, 2021. SecurityAffairs – hacking, seo poisoning).

Antivirus 70

Antivirus Security Intelligence Malware Insurance 70

Security Affairs

SEPTEMBER 18, 2021

The group is suspected to have been running successful malware campaigns for more than five years. The attackers have used off-the-shelf malware since the beginning of their operations and have never developed their own malware. — Microsoft Security Intelligence (@MsftSecIntel) May 11, 2021.

Malware 99

Malware Phishing DNS Cybercrime 99

Security Affairs

OCTOBER 31, 2020

Crooks behind Emotet malware attempt to take advantage of the Halloween festivity, a new campaign could invite you to a Halloween party. Threat actors are attempting to take advantage of the Halloween festivities, a recent Emotet malware campaign spotted by BleepingComputer employed spam emails that invite recipients to a Halloween party.

Banking 107

Banking Malware Security Intelligence Advertising 107

Security Affairs

OCTOBER 6, 2020

In the middle-August, the malware was employed in fresh COVID19-themed spam campaign. Recent spam campaigns used messages with malicious Word documents, or links to them, pretending to be an invoice, shipping information, COVID-19 information , resumes, financial documents, or scanned documents. Pierluigi Paganini.

Government 135

Government Banking Advertising Malware 135

Security Affairs

NOVEMBER 12, 2021

— Microsoft Security Intelligence (@MsftSecIntel) July 23, 2021. HTML smuggling is a highly evasive technique for malware delivery that leverages legitimate HTML5 and JavaScript features. SecurityAffairs – hacking, phishing). The malicious payloads are delivered via encoded strings in an HTML attachment or webpage.

Phishing 103

Phishing Banking Passwords Firewall 103

Security Affairs

MARCH 21, 2021

. “Today, we have taken an additional step to further support our customers who are still vulnerable and have not yet implemented the complete security update. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. SecurityAffairs – hacking, Microsoft Defender). Pierluigi Paganini.

Antivirus 126

Antivirus Small Business Security Intelligence Hacking 126

Security Affairs

NOVEMBER 11, 2022

Get TTPs and protection info: [link] — Microsoft Security Intelligence (@MsftSecIntel) October 14, 2022. In April, Sandworm targeted energy facilities in Ukraine with a new strain of the Industroyer ICS malware (INDUSTROYER2) and a new version of the CaddyWiper wiper. SecurityAffairs – hacking, Prestige ransomware).

Ransomware 85

Ransomware Telecommunications DNS Hacking 85

Security Affairs

MAY 27, 2020

pic.twitter.com/Q3BMs7fSvx — Microsoft Security Intelligence (@MsftSecIntel) May 27, 2020. Learn how to build organizational security hygiene to prevent human-operated attacks: [link] — Microsoft Security Intelligence (@MsftSecIntel) May 27, 2020. SecurityAffairs – Ponyfinal ransomware, hacking).

Ransomware 104

Ransomware Security Intelligence Encryption Advertising 104

Security Affairs

SEPTEMBER 24, 2020

— Microsoft Security Intelligence (@MsftSecIntel) September 24, 2020. We strongly recommend customers to immediately apply security updates for CVE-2020-1472. We strongly recommend customers to immediately apply security updates for CVE-2020-1472. SecurityAffairs – hacking, ZeroLogon). Pierluigi Paganini.

Security Intelligence 130

Security Intelligence Authentication Advertising Passwords 130

Security Affairs

OCTOBER 12, 2020

The security firms have collected more than 125,000 TrickBot malware samples and mapped the command and control infrastructure. The TrickBot botnet was considered by security experts one of the biggest botnets. Microsoft took action against the Trickbot botnet, disrupting one of the world’s most persistent malware operations.

Banking 97

Banking Malware Advertising Financial Services 97

Security Affairs

MARCH 12, 2021

This week, the independent security researcher Nguyen Jang published on GitHub a proof-of-concept tool to hack Microsoft Exchange servers. The availability of the exploit online was immediately noticed by several cyber security experts, including Marcus Hutchins. SecurityAffairs – hacking, Microsoft Exchange).

Cyber Attacks 124

Cyber Attacks Cybercrime Authentication Hacking 124

Security Affairs

MAY 20, 2023

Researchers at Microsoft Security Intelligence team published a series of tweets to warn of a new wave of attacks aimed at distributing the Clop ransomware and linked it to the financially motivated cybercriminal group Sangria Tempest (ELBRUS, FIN7 ).

Cybercrime 88

Cybercrime Ransomware Security Intelligence Hacking 88

Security Affairs

OCTOBER 12, 2023

Researchers from the Akamai Security Intelligence Group uncovered a Magecart web skimming campaign that is manipulating the website’s default 404 error page to hide malicious code. Researchers observed a new Magecart web skimming campaign changing the websites’ default 404 error page to steal credit cards.

Retail 109

Retail Security Intelligence Hacking Software 109

Security Affairs

JUNE 24, 2019

pic.twitter.com/PQ2g7rvDQm — Microsoft Security Intelligence (@MsftSecIntel) June 21, 2019. — Microsoft Security Intelligence (@MsftSecIntel) June 21, 2019. The final payload is the remote access Trojan FlawedAmmyy,” reads a Tweet published by Microsoft Security Intelligence. Pierluigi Paganini.

Security Intelligence 82

Security Intelligence Advertising Malware Banking 82

Security Affairs

OCTOBER 16, 2022

Get TTPs and protection info: [link] — Microsoft Security Intelligence (@MsftSecIntel) October 14, 2022. SecurityAffairs – hacking, DEV-0960). The post Mysterious Prestige ransomware targets organizations in Ukraine and Poland appeared first on Security Affairs. ” concludes the report. Pierluigi Paganini.

Ransomware 88

Ransomware Encryption Backups Security Intelligence 88

Security Affairs

JULY 9, 2019

Microsoft Defender ATP Research Team discovered a fileless malware campaign that was spreading the information stealing Astaroth Trojan. Experts at the Microsoft Defender ATP Research Team discovered a fileless malware campaign that is delivering the information stealing Astaroth Trojan. Pierluigi Paganini.

Antivirus 74

Antivirus Malware Advertising Security Intelligence 74

Security Affairs

DECEMBER 1, 2020

Learn how the group tried to stay under the radar using threats perceived to be less alarming: [link] — Microsoft Security Intelligence (@MsftSecIntel) November 30, 2020. SecurityAffairs – hacking, BISMUTH). Experts also speculate that Bismuth hackers are exploring new ways of generating revenue from compromising systems.

Cryptocurrency 96

Cryptocurrency Antivirus Manufacturing Government 96

Security Affairs

MAY 24, 2020

Experts from the Microsoft Security Intelligence team provided some details on a new “massive campaign” using COVID-19 themed emails. SecurityAffairs – COVID-19, hacking). The post Coronavirus-themed attacks May 17 – May 23, 2020 appeared first on Security Affairs. Pierluigi Paganini.

Advertising 70

Advertising Security Intelligence Hacking Information Security 70

Security Affairs

NOVEMBER 8, 2019

Recently, researchers warned of the first mass-hacking campaign exploiting the BlueKeep exploit , the attack aimed at installing a cryptocurrency miner on the infected systems. BlueKeep is a wormable flaw that can be exploited by malware authors to create malicious code with WannaCry capabilities. Pierluigi Paganini.

Penetration Testing 66

Penetration Testing Malware Advertising Spyware 66

Security Affairs

NOVEMBER 11, 2019

“The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), with its state and territory partners, is continuing to respond to the widespread malware campaign known as Emotet while responding to reports that hackers are exploiting the BlueKeep vulnerability to mine cryptocurrency.”

Small Business 63

Small Business Malware Cryptocurrency Advertising 63

Security Affairs

JUNE 10, 2019

Spam messages are carrying weaponized RTF documents that could infect users with malware without any user interaction, just opening the RTF documents. pic.twitter.com/Ac6dYG9vvw — Microsoft Security Intelligence (@MsftSecIntel) June 7, 2019. — Microsoft Security Intelligence (@MsftSecIntel) June 7, 2019.

Security Intelligence 71

Security Intelligence Advertising Malware Information Security 71

Security Affairs

JUNE 16, 2019

The popular expert Larry Cashdollar, from Akamai’s Security Intelligence Response Team (SIRT), spotted a new version of the Echobot botnet that counts 26 different exploits. ” Botnet operators continue to implement new methods to make their malware more aggressive and to infect the larger number of systems as possible. .”

IoT 86

IoT Wireless Advertising Malware 86

Security Affairs

OCTOBER 30, 2020

For information on how to secure that part of a Kubernetes cluster, click here. About the Author: David Bisson is an information security writer and security junkie. He’s a contributing editor to IBM’s Security Intelligence, Tripwire’s The State of Security Blog, and a contributing writer to Bora.

Advertising 95

Advertising Internet Internet VPN 95

Security Affairs

JULY 28, 2022

Microsoft linked a private-sector offensive actor (PSOA) to attacks using multiple zero-day exploits for its Subzero malware. Microsoft states that multiple news reports have linked the company to the Subzero malware toolset used to hack a broad range of devices, phones, computers, and network and internet-connected devices.

Surveillance 91

Surveillance Malware Authentication DNS 91

Security Affairs

AUGUST 7, 2019

At the time of its discovery, operators added 8 new exploits, but a few weeks later the popular expert Larry Cashdollar from Akamai’s Security Intelligence Response Team (SIRT) discovered a variant that included a total of 26 exploits. SecurityAffairs – Echobot variant, malware). Nothing interesting so far. Pierluigi Paganini.

Wireless 80

Wireless IoT Advertising Surveillance 80

Security Boulevard

MAY 25, 2021

Hack-Port.rar. hack-academy.ru.rar. Webmasters.ru.rar. reversing.cc.rar. monopoly.ms.rar. Exelab.rar. blacktip.top.rar. red.ug.rar. ghostmarket.net.rar. DomenForum.rar. h0st.pw.rar. crdpro.cc.rar. Antichat.ru.rar. ProxyBase.rar. replace.org.ua.rar. Eviloctal.rar. Xakepok.rar. verified.bz. WWH-Club.rar. GoFuckBiz.rar. Promarket.rar.

Cybercrime 59

Cybercrime Cyber threats Hacking Software 59

Spinone

DECEMBER 26, 2018

Cyber threat management , being an advanced discipline, craves analytical attention and a commander’s strategic skills of information security executives to confront and overcome the multi-dimensional cyber threats. What are the benefits of cyber security awareness trainings?

Security Awareness 40

Security Awareness Risk Cyber threats Cyber Risk 40

Security Affairs

OCTOBER 29, 2020

Iran-linked APT group Phosphorus successfully hacked into the email accounts of multiple high-profile individuals and security conference attendees. “Phosphorus, an Iranian actor, has targeted with this scheme potential attendees of the upcoming Munich Security Conference and the Think 20 (T20) Summit in Saudi Arabia.”

Hacking 70

Hacking Security Intelligence Accountability Advertising 70

Security Affairs

JUNE 3, 2022

Microsoft blocked an attack activity aimed at Israeli organizations attributed to a previously unknown Lebanon-based hacking group tracked as POLONIUM. Microsoft announced to have blocked a series of attacks targeting Israeli organizations that have been conducted by a previously unknown Lebanon-based hacking group tracked as POLONIUM.

Security Intelligence 90

Security Intelligence Antivirus Hacking Authentication 90