Information Security, Passwords and Security Intelligence

Hackers are using Zerologon exploits in attacks in the wild

Security Affairs

SEPTEMBER 24, 2020

— Microsoft Security Intelligence (@MsftSecIntel) September 24, 2020. We strongly recommend customers to immediately apply security updates for CVE-2020-1472. We strongly recommend customers to immediately apply security updates for CVE-2020-1472.

Security Intelligence

Security Intelligence Authentication Advertising Passwords

STRRAT RAT spreads masquerading as ransomware

Security Affairs

MAY 20, 2021

Microsoft Security Intelligence researchers uncovered a malware campaign that is spreading a remote access trojan (RAT) tracked as STRRAT. pic.twitter.com/mGow2sJupN — Microsoft Security Intelligence (@MsftSecIntel) May 19, 2021. STRRAT RAT was first spotted in June 2020 by G DATA who documented its features.

Ransomware

Ransomware Malware Encryption Security Intelligence

Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns

Security Affairs

SEPTEMBER 24, 2020

The recent Emotet campaign uses spam messages with password-protected attachments, experts noticed a decline in infections over the weekend, a behavior already observed in the past. Emotet joined the password-protected attachment bandwagon with a campaign starting Friday. ” states the Italian CSIRT’s alert.

Malware

Malware Passwords Advertising Ransomware

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 10, 2020

— Microsoft Security Intelligence (@MsftSecIntel) October 6, 2020. — Microsoft Security Intelligence (@MsftSecIntel) October 6, 2020. Microsoft 365 Defender customers can also refer to these detections: [link] — Microsoft Security Intelligence (@MsftSecIntel) October 5, 2020.

Cybercrime

Cybercrime Security Intelligence Authentication Banking

HTML Smuggling technique used in phishing and malspam campaigns

Security Affairs

NOVEMBER 12, 2021

— Microsoft Security Intelligence (@MsftSecIntel) July 23, 2021. Once opened the attachment in a web browser, it creates a password-protected JavaScript file on the recipient’s system, asking the victim to provide the password from the original HTML attachment.

Phishing

Phishing Banking Passwords Malware

Iran-linked APT groups continue to evolve

Security Affairs

NOVEMBER 17, 2021

Over the past year, Microsoft Threat Intelligence Center (MSTIC) has observed an evolution of the tools, techniques, and procedures employed by Iranian nation-state actors. Learn more from this blog summarizing these trends, as presented at #CyberWarCon : [link] — Microsoft Security Intelligence (@MsftSecIntel) November 16, 2021.

VPN

VPN Accountability Social Engineering Media

Russia-linked Nobelium APT targets orgs in the global IT supply chain

Security Affairs

OCTOBER 25, 2021

Microsoft is sharing information about the latest activity observed from the threat actor NOBELIUM, which has been attempting to replicate the approach it has used in past attacks by targeting organizations integral to the global IT supply chain: [link] — Microsoft Security Intelligence (@MsftSecIntel) October 25, 2021.

Telecommunications

Telecommunications Technology Hacking Malware

CISA alert warns of Emotet attacks on US govt entities

Security Affairs

OCTOBER 6, 2020

Emotet joined the password-protected attachment bandwagon with a campaign starting Friday. pic.twitter.com/POppQ51uMX — Microsoft Security Intelligence (@MsftSecIntel) September 22, 2020.

Government

Government Banking Advertising Malware

Iran-linked APT is exploiting the Zerologon flaw in attacks

Security Affairs

OCTOBER 6, 2020

An attacker could also exploit the flaw to disable security features in the Netlogon authentication process and change a computer’s password on the domain controller’s Active Directory. Microsoft 365 Defender customers can also refer to these detections: [link] — Microsoft Security Intelligence (@MsftSecIntel) October 5, 2020.

Authentication

Authentication Advertising Architecture Cyber Attacks

10 Reasons to Trust Your Enterprise APIs

Cisco Security

AUGUST 30, 2021

Using this list as a backdrop the following best practices are presented as a call to action to help organizations take a proactive approach at addressing API security risk. and protocols like OpenID Connect to secure the sharing of sensitive company and user information. Maps to API1,API2,API5, and API6. Maps to API7.

Software

Software Authentication Risk Encryption

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

Security Affairs

JANUARY 26, 2023

Microsoft has disrupted activity by SEABORGIUM, a Russia-based actor launching persistent phishing, credential and data theft, intrusions, and hack-and-leak campaigns tied to espionage.

Phishing

Phishing Media Hacking Education

European firm DSIRF behind the attacks with Subzero surveillance malware

Security Affairs

JULY 28, 2022

Confirm that Microsoft Defender Antivirus is updated to security intelligence update 1.371.503.0 Note: Microsoft strongly encourages all customers download and use password-less solutions like Microsoft Authenticator to secure accounts. or later to detect the related indicators.

Surveillance

Surveillance Malware Authentication Accountability

Black Hat Asia 2022 Continued: Cisco Secure Integrations

Cisco Security

MAY 27, 2022

This means sharing usernames and passwords became tedious and not to mention insecure, especially with 15 Cisco staff, plus partners, accessing the platforms. The Cisco Secure stack at Black Hat includes SecureX, Umbrella, Malware Analytics, Secure Endpoint (iOS clarity), and Meraki. How does this magic work behind the scenes?

Malware

Malware Accountability Technology DNS

Hackers Also Have Financial Reporting And Quotas :)

Security Boulevard

JUNE 18, 2022

I even told him my password was “admin123.” Security breaches cause foreseeable financial damage to the organization. In many cases, more significant than the amount spent on combined network security, cloud security, and artificial intelligence. I opened my laptop and let the kid take a few pictures.

Hacking

Hacking CISO Cybersecurity Banking

Cyber Security Awareness and Risk Management

Spinone

DECEMBER 26, 2018

Cyber threat management , being an advanced discipline, craves analytical attention and a commander’s strategic skills of information security executives to confront and overcome the multi-dimensional cyber threats.

Security Awareness

Security Awareness Risk Cyber threats Cyber Risk

Cybersecurity Checklist for Political Campaigns

Lenny Zeltser

MAY 3, 2019

Use a password vault, avoiding password reuse. Change default passwords for devices and apps. Enabling two-factor authentication is perhaps the most important step toward resisting such tactics (attackers have intercepted SMS codes, so use other methods, if possible). More broadly: Enable two-factor authentication everywhere.

Cybersecurity

Cybersecurity Social Engineering Authentication Software

Cyber Security Informer

Hackers are using Zerologon exploits in attacks in the wild

STRRAT RAT spreads masquerading as ransomware

Trending Sources

Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

HTML Smuggling technique used in phishing and malspam campaigns

Iran-linked APT groups continue to evolve

Russia-linked Nobelium APT targets orgs in the global IT supply chain

CISA alert warns of Emotet attacks on US govt entities

Iran-linked APT is exploiting the Zerologon flaw in attacks

10 Reasons to Trust Your Enterprise APIs

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

European firm DSIRF behind the attacks with Subzero surveillance malware

Black Hat Asia 2022 Continued: Cisco Secure Integrations

Hackers Also Have Financial Reporting And Quotas :)

Cyber Security Awareness and Risk Management

Cybersecurity Checklist for Political Campaigns

Stay Connected