2017, Information Security and Security Intelligence

2017

Information Security

Security Intelligence

Microsoft warns of spam campaign exploiting CVE-2017-11882 flaw

Security Affairs

JUNE 10, 2019

The spam messages are sent in various European languages, threat actors are exploiting the Microsoft Office and Wordpad CVE-2017-11882 vulnerability. pic.twitter.com/Ac6dYG9vvw — Microsoft Security Intelligence (@MsftSecIntel) June 7, 2019. Windows Defender ATP detects the documents as Exploit:O97M/CVE-2017-11882.AD

Security Intelligence

Security Intelligence Advertising Malware Information Security

Iran-linked APT is exploiting the Zerologon flaw in attacks

Security Affairs

OCTOBER 6, 2020

Microsoft 365 Defender customers can also refer to these detections: [link] — Microsoft Security Intelligence (@MsftSecIntel) October 5, 2020. The first MuddyWater campaign was observed in late 2017 when targeted entities in the Middle East. We strongly recommend patching. ” reads the analysis published by Microsoft.

Authentication

Authentication Advertising Architecture Security Intelligence

Join 28,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Trending Sources

A long-running cryptomining campaign conducted by 8220 hackers now targets Linux servers

Security Affairs

JULY 1, 2022

Microsoft Security Intelligence experts are warning of a long-running campaign conducted by a cloud threat actor group, tracked as 8220, that is now targeting Linux servers to install crypto miners. ” The 8220 group has been active since at least 2017, it focuses on cryptomining campaigns. . Pierluigi Paganini.

Security Intelligence

Security Intelligence Malware Hacking Information Security

Corona Mirai botnet spreads via AVTECH CCTV zero-day

Security Affairs

AUGUST 29, 2024

Akamai’s Security Intelligence and Response Team (SIRT) has detected a botnet campaign exploiting multiple previously known vulnerabilities and a newly discovered zero-day, tracked as CVE-2024-7029 (CVSS score: 8.7), in AVTECH CCTV cameras. .” The bot also targets AVTECH issues , a Hadoop YARN RCE , and CVE-2014-8361.

Firmware

Firmware Malware Security Intelligence Authentication

Microsoft disrupts SEABORGIUM ’s ongoing phishing operations

Security Affairs

AUGUST 15, 2022

More details + TTPs in this MSTIC blog: [link] — Microsoft Security Intelligence (@MsftSecIntel) August 15, 2022. SEABORGIUM has been active since at least 2017, its campaigns involve persistent phishing and credential theft campaigns leading to intrusions and data theft.

Phishing

Phishing Accountability Hacking Surveillance

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

Security Affairs

NOVEMBER 11, 2022

Get TTPs and protection info: [link] — Microsoft Security Intelligence (@MsftSecIntel) October 14, 2022. The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017, causing billions worth of damage.

Ransomware

Ransomware Telecommunications DNS Hacking

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

Security Affairs

JANUARY 26, 2023

The UK agency reported ongoing spear-phishing campaigns carried out by Russia-based group SEABORGIUM and Iran-based group TA453 to gather intelligence on the victims. SEABORGIUM has been active since at least 2017, its campaigns involve persistent phishing and credential theft campaigns leading to intrusions and data theft.

Phishing

Phishing Media Hacking Education

Purple Lambert, a new malware of CIA-linked Lambert APT group

Security Affairs

APRIL 29, 2021

The malicious code collects basic information about the infected system and also allows attackers to execute additional payload. Purple Lambert implements functionality similar to, but in different ways, Gray Lambert and White Lambert, which are kernel-mode passive-listener implant.

Malware

Malware Hacking Government Telecommunications

Cyber Security Awareness and Risk Management

Spinone

DECEMBER 26, 2018

In this article we will learn how to address and effectively respond to major enterprise cybersecurity threats and provide tips to mitigate IT security risk. Today, c yber security incidents lead to significant damage, alarming organizations of all types and sizes in different geographic locations.

Security Awareness

Security Awareness Risk Cyber threats Cyber Risk

Black Hat Asia 2022 Continued: Cisco Secure Integrations

Cisco Security

MAY 27, 2022

Since 2017 (starting in Black Hat USA – Las Vegas), Cisco Umbrella has provided DNS security to the Black Hat attendee network, added layers of traffic visibility previously not seen. Secure X Device Insights made it easy to access information about these assets, either en masse or as required during an ongoing investigation.

Malware

Malware Accountability Technology DNS

Cyber Security Informer

Microsoft warns of spam campaign exploiting CVE-2017-11882 flaw

Iran-linked APT is exploiting the Zerologon flaw in attacks

Trending Sources

A long-running cryptomining campaign conducted by 8220 hackers now targets Linux servers

Corona Mirai botnet spreads via AVTECH CCTV zero-day

Microsoft disrupts SEABORGIUM ’s ongoing phishing operations

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

Purple Lambert, a new malware of CIA-linked Lambert APT group

Cyber Security Awareness and Risk Management

Black Hat Asia 2022 Continued: Cisco Secure Integrations

Stay Connected