Antivirus, Malware and Security Intelligence

Microsoft Defender can now protect servers against ProxyLogon attacks

Security Affairs

MARCH 21, 2021

Microsoft announced that its Defender Antivirus and System Center Endpoint Protection now protects users against attacks exploiting Exchange Server vulnerabilities. “Today, we have taken an additional step to further support our customers who are still vulnerable and have not yet implemented the complete security update. .

Antivirus

Antivirus Small Business Security Intelligence Hacking

More Than 90 Percent of Malware in Q2 Came Via Encrypted Traffic: WatchGuard

eSecurity Planet

OCTOBER 4, 2021

percent of all malware detected on networks of WatchGuard Technologies customers in the second quarter came over encrypted connections, raising the security risk for the 80 percent of such organizations that lack processes for decrypting and scanning HTTPS traffic for threats. Malware in Encrypted Traffic. A surprising 91.5

Encryption

Encryption Malware Ransomware Firewall

Purple Lambert, a new malware of CIA-linked Lambert APT group

Security Affairs

APRIL 29, 2021

Cybersecurity firm Kaspersky discovered a new strain of malware that is believed to be part of the arsenal of theUS Central Intelligence Agency (CIA). Cybersecurity firm Kaspersky has discovered a new malware that experts attribute to the US Central Intelligence Agency. We therefore named this malware Purple Lambert.”

Malware

Malware Hacking Government Telecommunications

SEO poisoning campaign aims at delivering RAT, Microsoft warns

Security Affairs

JUNE 14, 2021

Microsoft 365 Defender data shows that the SEO poisoning technique is effective, given that Microsoft Defender Antivirus has detected and blocked thousands of these PDF documents in numerous environments. — Microsoft Security Intelligence (@MsftSecIntel) June 11, 2021. ” state Microsoft. Pierluigi Paganini.

Antivirus

Antivirus Security Intelligence Malware Insurance

European firm DSIRF behind the attacks with Subzero surveillance malware

Security Affairs

JULY 28, 2022

Microsoft linked a private-sector offensive actor (PSOA) to attacks using multiple zero-day exploits for its Subzero malware. Microsoft states that multiple news reports have linked the company to the Subzero malware toolset used to hack a broad range of devices, phones, computers, and network and internet-connected devices.

Surveillance

Surveillance Malware Authentication Accountability

CISA alert warns of Emotet attacks on US govt entities

Security Affairs

OCTOBER 6, 2020

In the middle-August, the malware was employed in fresh COVID19-themed spam campaign. Emotet is a modular malware, its operators could develop new Dynamic Link Libraries to update its capabilities. ” According to CISA, the surge in the attacks has rendered this malware one of the most prevalent ongoing threats.

Government

Government Banking Advertising Malware

A new Astaroth Trojan Campaign uncovered by Microsoft

Security Affairs

JULY 9, 2019

Microsoft Defender ATP Research Team discovered a fileless malware campaign that was spreading the information stealing Astaroth Trojan. Experts at the Microsoft Defender ATP Research Team discovered a fileless malware campaign that is delivering the information stealing Astaroth Trojan.

Antivirus

Antivirus Malware Advertising Security Intelligence

BEST PRACTICES: Mock phishing attacks prep employees to avoid being socially engineered

The Last Watchdog

MAY 1, 2019

Despite billions of dollars spent on the latest, greatest antivirus suites, firewalls and intrusion detection systems, enterprises continue to suffer breaches that can be traced back to the actions of a single, unsuspecting employee. Yet there is a single point of failure common to just about all network break-ins: humans.

Social Engineering

Social Engineering Engineering Phishing Banking

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

Security Affairs

DECEMBER 1, 2020

Learn how the group tried to stay under the radar using threats perceived to be less alarming: [link] — Microsoft Security Intelligence (@MsftSecIntel) November 30, 2020. “To perform DLL sideloading, BISMUTH introduced outdated versions of various applications, including Microsoft Defender Antivirus.

Cryptocurrency

Cryptocurrency Antivirus Manufacturing Government

Microsoft blocked Polonium attacks against Israeli organizations

Security Affairs

JUNE 3, 2022

Threat actors were observed abusing OneDrive, for this reason, the IT giant has suspended more than 20 malicious OneDrive applications created by POLONIUM actors, notified affected organizations, and deployed a series of security intelligence updates that will quarantine malicious tools developed by the attackers.

Security Intelligence

Security Intelligence Hacking Antivirus Authentication

Top Cybersecurity Products for 2021

eSecurity Planet

APRIL 23, 2021

Standalone security products are not enough to maintain the security posture of an entire organization. Between malware , phishing attacks , zero-day threats, advanced persistent threats , reconnaissance and brute force attacks, hackers are looking for any and every avenue into a network. Top cybersecurity products. CrowdStrike.

Cybersecurity

Cybersecurity Antivirus Artificial Intelligence Firewall

Lebanese APT group with suspected links to Hezbollah breached 250 servers worldwide

SC Magazine

JANUARY 29, 2021

The Lebanese group’s attacks started by using known vulnerabilities on public web servers, then distributing custom malware to steal files, while staying hidden, said Ivan Righi, cyber threat intelligence analyst at Digital Shadows, added that. The latest campaign used a new version of Explosive with new capabilities,” Righi said.

Antivirus

Antivirus Malware Cyber threats Media

Best Cybersecurity Software & Tools for 2022

eSecurity Planet

APRIL 29, 2022

Standalone cybersecurity tools are not enough to maintain the security posture of an entire organization. Between malware , phishing attacks , zero-day threats , advanced persistent threats , reconnaissance, and brute force attacks, hackers are looking for any and every avenue into a network. Jump to: XDR NGFWs CASBs SIEM.

Software

Software Cybersecurity Firewall Antivirus

IDS & IPS Remain Important Even as Other Tools Add IDPS Features

eSecurity Planet

MAY 25, 2022

This equipment usually cannot be protected by antivirus solutions or device-specific firewalls. These solutions can, like antivirus software, use signature-based technology to identify known malware attacks, but many new IDS and IPS also incorporate anomaly-based algorithms often boosted by artificial intelligence (AI).

Firewall

Firewall Wireless Software Encryption

Top Threat Intelligence Platforms for 2021

eSecurity Planet

SEPTEMBER 13, 2021

It boasts unlimited scalability and queries and offers intelligence on IP and URL reputation, web applications, malware , vulnerabilities and spam. Key Features: Human-generated threat intelligence data. Threat intelligence collaboration. Integration with third-party intelligence tools. CrowdStrike Falcon X.

Threat Detection

Threat Detection Risk Cybersecurity Firewall

Cyber Security Informer

Microsoft Defender can now protect servers against ProxyLogon attacks

More Than 90 Percent of Malware in Q2 Came Via Encrypted Traffic: WatchGuard

Trending Sources

Purple Lambert, a new malware of CIA-linked Lambert APT group

SEO poisoning campaign aims at delivering RAT, Microsoft warns

European firm DSIRF behind the attacks with Subzero surveillance malware

CISA alert warns of Emotet attacks on US govt entities

A new Astaroth Trojan Campaign uncovered by Microsoft

BEST PRACTICES: Mock phishing attacks prep employees to avoid being socially engineered

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

Microsoft blocked Polonium attacks against Israeli organizations

Top Cybersecurity Products for 2021

Lebanese APT group with suspected links to Hezbollah breached 250 servers worldwide

Best Cybersecurity Software & Tools for 2022

IDS & IPS Remain Important Even as Other Tools Add IDPS Features

Top Threat Intelligence Platforms for 2021

Stay Connected