Hacking, Information Security and Security Intelligence

DEF CON 31 Packet Hacking Village – Mike Raggo’s, Chet Hosmer’s ‘OSINT for Physical Security Intelligence’

Security Boulevard

NOVEMBER 3, 2023

Permalink The post DEF CON 31 Packet Hacking Village – Mike Raggo’s, Chet Hosmer’s ‘OSINT for Physical Security Intelligence’ appeared first on Security Boulevard. Originating from the conference events at Caesars Forum, Flamingo, Harrah’s and Linq in Las Vegas, Nevada ; via the organizations YouTube channel.

Security Intelligence

Security Intelligence Hacking Architecture Education

Night Sky ransomware operators exploit Log4Shell to target hack VMware Horizon servers

Security Affairs

JANUARY 11, 2022

The ransomware gang started its operations on December 27, 2021, and has already hacked the corporate networks of two organizations from Bangladesh and Japan respectively. link] — Microsoft Security Intelligence (@MsftSecIntel) January 11, 2022. — Microsoft Security Intelligence (@MsftSecIntel) January 11, 2022.

Ransomware

Ransomware Hacking Internet Internet

Microsoft warns of attacks targeting MSSQL servers using the tool sqlps

Security Affairs

MAY 18, 2022

Microsoft warns of a new hacking campaign aimed at MSSQL servers, threat actors are launching brute-forcing attacks against poorly protected instances. pic.twitter.com/Tro0NfMD0j — Microsoft Security Intelligence (@MsftSecIntel) May 17, 2022. — Microsoft Security Intelligence (@MsftSecIntel) May 17, 2022.

Security Intelligence

Security Intelligence Hacking Accountability Malware

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

A long-running cryptomining campaign conducted by 8220 hackers now targets Linux servers

Security Affairs

JULY 1, 2022

Microsoft Security Intelligence experts are warning of a long-running campaign conducted by a cloud threat actor group, tracked as 8220, that is now targeting Linux servers to install crypto miners. — Microsoft Security Intelligence (@MsftSecIntel) June 29, 2022. SecurityAffairs – hacking, 8220).

Security Intelligence

Security Intelligence Malware Hacking Information Security

InfectedSlurs botnet targets QNAP VioStor NVR vulnerability

Security Affairs

DECEMBER 17, 2023

On December 6, The Akamai Security Intelligence Response Team (SIRT) published the first update to the InfectedSlurs advisory series. The security firm revealed that threat actors were exploiting a vulnerability, tracked as CVE-2023-49897 (CVSS score 8.0) and earlier. .

Firmware

Firmware Wireless DDOS IoT

Microsoft Defender can now protect servers against ProxyLogon attacks

Security Affairs

MARCH 21, 2021

. “Today, we have taken an additional step to further support our customers who are still vulnerable and have not yet implemented the complete security update. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. SecurityAffairs – hacking, Microsoft Defender). Pierluigi Paganini.

Antivirus

Antivirus Small Business Security Intelligence Hacking

Finnish intelligence warns of Russia’s cyberespionage activities

Security Affairs

OCTOBER 3, 2022

The Finnish Security Intelligence Service ( SUPO ) warns Russia will highly likely intensify its cyber activity over the winter. The Finnish Security Intelligence Service ( Suojelupoliisi or SUPO ) warn of a highly likely intensification of cyberespionage activities conducted by Russia-linked threat actors over the winter.

Security Intelligence

Security Intelligence Manufacturing Cyber threats Accountability

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 10, 2020

TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. — Microsoft Security Intelligence (@MsftSecIntel) October 6, 2020. — Microsoft Security Intelligence (@MsftSecIntel) October 6, 2020. SecurityAffairs – hacking, Zerologon). states Microsoft.

Cybercrime

Cybercrime Security Intelligence Authentication Banking

Hackers are using Zerologon exploits in attacks in the wild

Security Affairs

SEPTEMBER 24, 2020

— Microsoft Security Intelligence (@MsftSecIntel) September 24, 2020. We strongly recommend customers to immediately apply security updates for CVE-2020-1472. We strongly recommend customers to immediately apply security updates for CVE-2020-1472. SecurityAffairs – hacking, ZeroLogon). Pierluigi Paganini.

Security Intelligence

Security Intelligence Authentication Advertising Passwords

New InfectedSlurs Mirai-based botnet exploits two zero-days

Security Affairs

NOVEMBER 22, 2023

In October, Akamai’s Security Intelligence Response Team (SIRT) noticed an anomalous activity to the company’s honeypots targeting a rarely used TCP port. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, botnet)

DDOS

DDOS Wireless Security Intelligence Authentication

STRRAT RAT spreads masquerading as ransomware

Security Affairs

MAY 20, 2021

Microsoft Security Intelligence researchers uncovered a malware campaign that is spreading a remote access trojan (RAT) tracked as STRRAT. pic.twitter.com/mGow2sJupN — Microsoft Security Intelligence (@MsftSecIntel) May 19, 2021. SecurityAffairs – hacking, STRRAT RAT). Pierluigi Paganini.

Ransomware

Ransomware Malware Encryption Security Intelligence

Sysrv-K, a new variant of the Sysrv botnet includes new exploits

Security Affairs

MAY 15, 2022

Microsoft Security Intelligence team Microsoft reported that a new variant of the Sysrv botnet, tracked as Sysrv-K, now includes exploits for vulnerabilities in the Spring Framework and WordPress. — Microsoft Security Intelligence (@MsftSecIntel) May 13, 2022. SecurityAffairs – hacking, Sysrv botnet).

Security Intelligence

Security Intelligence Malware Architecture Backups

Russia-linked Nobelium APT targets orgs in the global IT supply chain

Security Affairs

OCTOBER 25, 2021

The recent large scale campaign uncovered by Microsoft aimed at the service providers was uncovered by Microsoft researchers, in order to avoid detection, threat actors repetitively changed tactics and used a broad range of hacking tools and malware. SecurityAffairs – hacking, cyber security). Pierluigi Paganini.

Telecommunications

Telecommunications Technology Hacking Malware

Cybercrime gang FIN7 returned and was spotted delivering Clop ransomware

Security Affairs

MAY 20, 2023

Researchers at Microsoft Security Intelligence team published a series of tweets to warn of a new wave of attacks aimed at distributing the Clop ransomware and linked it to the financially motivated cybercriminal group Sangria Tempest (ELBRUS, FIN7 ).

Cybercrime

Cybercrime Ransomware Security Intelligence Hacking

Microsoft warns TA505 changed tactic in an ongoing malware campaign

Security Affairs

FEBRUARY 2, 2020

pic.twitter.com/mcRyEBUmQH — Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020. TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. pic.twitter.com/1qnx3NmwiB — Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020. Pierluigi Paganini.

Malware

Malware Security Intelligence Banking Phishing

A new Magecart campaign hides the malicious code in 404 error page

Security Affairs

OCTOBER 12, 2023

Researchers from the Akamai Security Intelligence Group uncovered a Magecart web skimming campaign that is manipulating the website’s default 404 error page to hide malicious code. Researchers observed a new Magecart web skimming campaign changing the websites’ default 404 error page to steal credit cards.

Retail

Retail Security Intelligence Hacking Software

Microsoft disrupts SEABORGIUM ’s ongoing phishing operations

Security Affairs

AUGUST 15, 2022

Microsoft disrupted a hacking operation linked conducted by Russia-linked APT SEABORGIUM aimed at NATO countries. Microsoft has disrupted activity by SEABORGIUM, a Russia-based actor launching persistent phishing, credential and data theft, intrusions, and hack-and-leak campaigns tied to espionage. SecurityAffairs – hacking, NATO).

Phishing

Phishing Accountability Hacking Surveillance

Updated Kmsdx botnet targets IoT devices

Security Affairs

AUGUST 28, 2023

The Akamai Security Intelligence Response Team (SIRT) discovered a new version of the KmsdBot botnet that employed an updated Kmsdx binary targeting Internet of Things (IoT) devices. Researchers spotted an updated version of the KmsdBot botnet that is now targeting Internet of Things (IoT) devices.

IoT

IoT DDOS Architecture Internet

Microsoft warns about ongoing PonyFinal ransomware attacks

Security Affairs

MAY 27, 2020

pic.twitter.com/Q3BMs7fSvx — Microsoft Security Intelligence (@MsftSecIntel) May 27, 2020. Learn how to build organizational security hygiene to prevent human-operated attacks: [link] — Microsoft Security Intelligence (@MsftSecIntel) May 27, 2020. SecurityAffairs – Ponyfinal ransomware, hacking).

Ransomware

Ransomware Security Intelligence Encryption Advertising

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

Security Affairs

NOVEMBER 11, 2022

Get TTPs and protection info: [link] — Microsoft Security Intelligence (@MsftSecIntel) October 14, 2022. SecurityAffairs – hacking, Prestige ransomware). The post Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine appeared first on Security Affairs. Pierluigi Paganini.

Ransomware

Ransomware Telecommunications DNS Hacking

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

Security Affairs

JANUARY 26, 2023

Microsoft has disrupted activity by SEABORGIUM, a Russia-based actor launching persistent phishing, credential and data theft, intrusions, and hack-and-leak campaigns tied to espionage.

Phishing

Phishing Media Hacking Education

Researchers warn of a surge in cyber attacks against Microsoft Exchange

Security Affairs

MARCH 12, 2021

This week, the independent security researcher Nguyen Jang published on GitHub a proof-of-concept tool to hack Microsoft Exchange servers. The availability of the exploit online was immediately noticed by several cyber security experts, including Marcus Hutchins. SecurityAffairs – hacking, Microsoft Exchange).

Cyber Attacks

Cyber Attacks Cybercrime Authentication Hacking

Microsoft found Shrootless bug in macOS that could bypass System Integrity Protection

Security Affairs

OCTOBER 28, 2021

Get details: [link] — Microsoft Security Intelligence (@MsftSecIntel) October 28, 2021. System Integrity Protection (also referred to as rootless) is a macOS security feature introduced in OS X El Capitan (2015) (OS X 10.11). . SecurityAffairs – hacking, Apple). Pierluigi Paganini.

Security Intelligence

Security Intelligence Hacking Technology Software

SEO poisoning campaign aims at delivering RAT, Microsoft warns

Security Affairs

JUNE 14, 2021

— Microsoft Security Intelligence (@MsftSecIntel) June 11, 2021. pic.twitter.com/cBeTfteyGl — Microsoft Security Intelligence (@MsftSecIntel) June 11, 2021. — Microsoft Security Intelligence (@MsftSecIntel) June 11, 2021. SecurityAffairs – hacking, seo poisoning).

Antivirus

Antivirus Security Intelligence Malware Insurance

IT giants warn of ongoing Chromeloader malware campaigns

Security Affairs

SEPTEMBER 20, 2022

pic.twitter.com/v6sexKgDSg — Microsoft Security Intelligence (@MsftSecIntel) September 16, 2022. SecurityAffairs – hacking, malware). The post IT giants warn of ongoing Chromeloader malware campaigns appeared first on Security Affairs. Microsoft attributes the attack to a threat actor tracked as DEV-0796.

Malware

Malware Adware Ransomware Security Intelligence

Coronavirus-themed attacks May 17 ? May 23, 2020

Security Affairs

MAY 24, 2020

Experts from the Microsoft Security Intelligence team provided some details on a new “massive campaign” using COVID-19 themed emails. SecurityAffairs – COVID-19, hacking). The post Coronavirus-themed attacks May 17 – May 23, 2020 appeared first on Security Affairs. Pierluigi Paganini.

Advertising

Advertising Security Intelligence Hacking Information Security

Emotet operators are running Halloween-themed campaigns

Security Affairs

OCTOBER 31, 2020

Researchers from Microsoft Security Intelligence are also warning of the ongoing Halloween-themed Emotet campaign. SecurityAffairs – hacking, Emotet). The post Emotet operators are running Halloween-themed campaigns appeared first on Security Affairs. Enable Edition template mostly used. Source Bleeping Computer.

Banking

Banking Malware Security Intelligence Advertising

HTML Smuggling technique used in phishing and malspam campaigns

Security Affairs

NOVEMBER 12, 2021

— Microsoft Security Intelligence (@MsftSecIntel) July 23, 2021. “Therefore, organizations need a true “defense in depth” strategy and a multi-layered security solution that inspects email delivery, network activity, endpoint behavior, and follow-on attacker activities.” SecurityAffairs – hacking, phishing).

Phishing

Phishing Banking Passwords Firewall

CISA alert warns of Emotet attacks on US govt entities

Security Affairs

OCTOBER 6, 2020

pic.twitter.com/POppQ51uMX — Microsoft Security Intelligence (@MsftSecIntel) September 22, 2020. SecurityAffairs – hacking, CISA). The post CISA alert warns of Emotet attacks on US govt entities appeared first on Security Affairs. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Government

Government Banking Advertising Malware

Purple Lambert, a new malware of CIA-linked Lambert APT group

Security Affairs

APRIL 29, 2021

Across the years, the researchers found analyzed multiple backdoors and hacking tools composing the arsenal of the cyberespionage group. Researchers at company firm Symantec reportedly linked the CIA hacking tools to a number of cyber attacks launched in recent years by a threat actor the company identified as the Longhorn group. “The

Malware

Malware Hacking Government Telecommunications

VMware urges customers to patch VMware Horizon servers against Log4j attacks

Security Affairs

JANUARY 26, 2022

link] — Microsoft Security Intelligence (@MsftSecIntel) January 11, 2022. The security team at the UK National Health Service (NHS) also announced to have spotted threat actors exploiting the Log4Shell vulnerability to hack VMWare Horizon servers and install web shells. “An Pierluigi Paganini.

Internet

Internet Internet Ransomware Hacking

Threat actor has been targeting the aviation industry since at least 2018

Security Affairs

SEPTEMBER 18, 2021

Our researchers are closely monitoring the campaign and will share additional info and investigation guidance through Microsoft 365 security center and Microsoft Threat Experts. — Microsoft Security Intelligence (@MsftSecIntel) May 11, 2021. SecurityAffairs – hacking, malware). Pierluigi Paganini.

Malware

Malware Phishing DNS Cybercrime

Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns

Security Affairs

SEPTEMBER 24, 2020

pic.twitter.com/POppQ51uMX — Microsoft Security Intelligence (@MsftSecIntel) September 22, 2020. SecurityAffairs – hacking, Emotet). The post Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns appeared first on Security Affairs. Pierluigi Paganini.

Malware

Malware Passwords Advertising Cybercrime

Mysterious Prestige ransomware targets organizations in Ukraine and Poland

Security Affairs

OCTOBER 16, 2022

Get TTPs and protection info: [link] — Microsoft Security Intelligence (@MsftSecIntel) October 14, 2022. SecurityAffairs – hacking, DEV-0960). The post Mysterious Prestige ransomware targets organizations in Ukraine and Poland appeared first on Security Affairs. ” concludes the report. Pierluigi Paganini.

Ransomware

Ransomware Encryption Backups Security Intelligence

Microsoft warns of attacks delivering FlawedAmmyy RAT directly in memory

Security Affairs

JUNE 24, 2019

pic.twitter.com/PQ2g7rvDQm — Microsoft Security Intelligence (@MsftSecIntel) June 21, 2019. — Microsoft Security Intelligence (@MsftSecIntel) June 21, 2019. The final payload is the remote access Trojan FlawedAmmyy,” reads a Tweet published by Microsoft Security Intelligence.

Security Intelligence

Security Intelligence Advertising Malware Banking

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

Security Affairs

DECEMBER 1, 2020

Learn how the group tried to stay under the radar using threats perceived to be less alarming: [link] — Microsoft Security Intelligence (@MsftSecIntel) November 30, 2020. SecurityAffairs – hacking, BISMUTH). Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Antivirus Manufacturing Government

Microsoft spotted multiple malspam campaigns using malware-laced ISO and IMG files

Security Affairs

MAY 4, 2020

pic.twitter.com/EbI8kxICQG — Microsoft Security Intelligence (@MsftSecIntel) May 4, 2020. The attachment is a ZIP archive containing the familiar ISO file carrying a malicious SCR file with misleading icon pic.twitter.com/o1FbMUbTBs — Microsoft Security Intelligence (@MsftSecIntel) May 4, 2020.

Small Business

Small Business Malware Manufacturing Security Intelligence

5 Components of the Kubernetes Control Plane that Demand Special Attention in Your Security Strategy

Security Affairs

OCTOBER 30, 2020

For information on how to secure that part of a Kubernetes cluster, click here. About the Author: David Bisson is an information security writer and security junkie. He’s a contributing editor to IBM’s Security Intelligence, Tripwire’s The State of Security Blog, and a contributing writer to Bora.

Advertising

Advertising Internet Internet VPN

Microsoft partnered with other security firms to takedown TrickBot botnet

Security Affairs

OCTOBER 12, 2020

link] — Microsoft Security Intelligence (@MsftSecIntel) October 12, 2020. SecurityAffairs – hacking, Trickbot). The post Microsoft partnered with other security firms to takedown TrickBot botnet appeared first on Security Affairs. ” reads the post published by Microsoft. Pierluigi Paganini.

Banking

Banking Malware Advertising Financial Services

A new Astaroth Trojan Campaign uncovered by Microsoft

Security Affairs

JULY 9, 2019

See how #MicrosoftDefenderATP next-gen protection defeated the #fileless attack: [link] — Microsoft Security Intelligence (@MsftSecIntel) July 8, 2019. The malware is able to log the users’ keystrokes, collect information through hooking, access clipboard content, and monitor the keystate. . Pierluigi Paganini.

Antivirus

Antivirus Malware Advertising Security Intelligence

Microsoft warns of spam campaign exploiting CVE-2017-11882 flaw

Security Affairs

JUNE 10, 2019

pic.twitter.com/Ac6dYG9vvw — Microsoft Security Intelligence (@MsftSecIntel) June 7, 2019. — Microsoft Security Intelligence (@MsftSecIntel) June 7, 2019. “In the new campaign, the RTF file downloads and runs multiple scripts of different types (VBScript, PowerShell, PHP, others) to download the payload.

Security Intelligence

Security Intelligence Advertising Malware Information Security

Cybercrime Forum Data Set for 2019 and 2021 – Free Direct Download Technical Collection Copy Available! Grab a Copy Today!

Security Boulevard

MAY 25, 2021

Hack-Port.rar. hack-academy.ru.rar. Webmasters.ru.rar. reversing.cc.rar. monopoly.ms.rar. Exelab.rar. blacktip.top.rar. red.ug.rar. ghostmarket.net.rar. DomenForum.rar. h0st.pw.rar. crdpro.cc.rar. Antichat.ru.rar. ProxyBase.rar. replace.org.ua.rar. Eviloctal.rar. Xakepok.rar. verified.bz. WWH-Club.rar. GoFuckBiz.rar. Promarket.rar.

Cybercrime

Cybercrime Cyber threats Hacking Software

Microsoft warns of more disruptive BlueKeep attacks and urges patch installation

Security Affairs

NOVEMBER 8, 2019

Recently, researchers warned of the first mass-hacking campaign exploiting the BlueKeep exploit , the attack aimed at installing a cryptocurrency miner on the infected systems. Read our latest blog w/ assist from @GossiTheDog & @MalwareTechBlog [link] — Microsoft Security Intelligence (@MsftSecIntel) November 7, 2019.

Penetration Testing

Penetration Testing Malware Advertising Spyware

Australian Govt agency ACSC warns of Emotet and BlueKeep attacks

Security Affairs

NOVEMBER 11, 2019

” Recently, researchers warned of the first mass-hacking campaign exploiting the BlueKeep exploit , the attack aimed at installing a cryptocurrency miner on the infected systems. Read our latest blog w/ assist from @GossiTheDog & @MalwareTechBlog [link] — Microsoft Security Intelligence (@MsftSecIntel) November 7, 2019.

Small Business

Small Business Malware Cryptocurrency Advertising

DEF CON 31 Packet Hacking Village – Mike Raggo’s, Chet Hosmer’s ‘OSINT for Physical Security Intelligence’

Night Sky ransomware operators exploit Log4Shell to target hack VMware Horizon servers

Webinars

Trending Sources

Microsoft warns of attacks targeting MSSQL servers using the tool sqlps

Webinars

A long-running cryptomining campaign conducted by 8220 hackers now targets Linux servers

InfectedSlurs botnet targets QNAP VioStor NVR vulnerability

Microsoft Defender can now protect servers against ProxyLogon attacks

Finnish intelligence warns of Russia’s cyberespionage activities

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Hackers are using Zerologon exploits in attacks in the wild

New InfectedSlurs Mirai-based botnet exploits two zero-days

STRRAT RAT spreads masquerading as ransomware

Sysrv-K, a new variant of the Sysrv botnet includes new exploits

Russia-linked Nobelium APT targets orgs in the global IT supply chain

Cybercrime gang FIN7 returned and was spotted delivering Clop ransomware

Microsoft warns TA505 changed tactic in an ongoing malware campaign

A new Magecart campaign hides the malicious code in 404 error page

Microsoft disrupts SEABORGIUM ’s ongoing phishing operations

Updated Kmsdx botnet targets IoT devices

Microsoft warns about ongoing PonyFinal ransomware attacks

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

Researchers warn of a surge in cyber attacks against Microsoft Exchange

Microsoft found Shrootless bug in macOS that could bypass System Integrity Protection

SEO poisoning campaign aims at delivering RAT, Microsoft warns

IT giants warn of ongoing Chromeloader malware campaigns

Coronavirus-themed attacks May 17 ? May 23, 2020

Emotet operators are running Halloween-themed campaigns

HTML Smuggling technique used in phishing and malspam campaigns

CISA alert warns of Emotet attacks on US govt entities

Purple Lambert, a new malware of CIA-linked Lambert APT group

VMware urges customers to patch VMware Horizon servers against Log4j attacks

Threat actor has been targeting the aviation industry since at least 2018

Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns

Mysterious Prestige ransomware targets organizations in Ukraine and Poland

Microsoft warns of attacks delivering FlawedAmmyy RAT directly in memory

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

Microsoft spotted multiple malspam campaigns using malware-laced ISO and IMG files

5 Components of the Kubernetes Control Plane that Demand Special Attention in Your Security Strategy

Microsoft partnered with other security firms to takedown TrickBot botnet

A new Astaroth Trojan Campaign uncovered by Microsoft

Microsoft warns of spam campaign exploiting CVE-2017-11882 flaw

Cybercrime Forum Data Set for 2019 and 2021 – Free Direct Download Technical Collection Copy Available! Grab a Copy Today!

Microsoft warns of more disruptive BlueKeep attacks and urges patch installation

Australian Govt agency ACSC warns of Emotet and BlueKeep attacks

Stay Connected