In the last year, the cyber threat landscape continued to become more dangerous and complex. The malign actors of the world are becoming better resourced and better prepared, with increasingly sophisticated tactics, techniques, and tools that challenge even the world’s best cybersecurity defenders.
Even Microsoft has been the victim of well-orchestrated attacks by determined and well-resourced adversaries, and their customers face more than 600 million cybercriminal and nation-state attacks every day, ranging from ransomware to phishing to identity attacks.
Read more…
Source: Microsoft
Related:
- HHS: Ransomware groups continue to target U.S. health sector
January 25, 2023
The Royal and Blackcat ransomware groups continue to aggressively target the U.S. health sector, according to a recent advisory from the Department of Health and Human Services. Just this week, the Washington Post described an apparent recent attack by Blackcat on NextGen Healthcare, a company that provides electronic health record and practice management software to ...
- Data breach may have leaked classified law enforcement operations information to criminals
January 24, 2023
A company that provides tech solutions to law enforcement agencies has reportedly suffered a breach that might jeopardize ongoing police operations and undercover personnel. It is unclear if criminals currently under investigation have accessed the information, but the fact that cybercriminals have it and could potentially sell it is disturbing. On January 11, Wired reported that ...
- ACSC Ransomware Profile – Royal
January 24, 2023
The Australian Cyber Security Centre (ACSC) is aware of a ransomware variant called Royal, which is being used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia. Once gaining access to a victim’s environment, cybercriminals use this ransomware for similar purposes to other variants such as encrypting their data and ...
- Vice Society Ransomware Group Targets Manufacturing Companies
January 24, 2023
The Vice Society ransomware group made headlines in late 2022 and early 2023 during a spate of attacks against several targets, such as the one that affected the rapid transit system in San Francisco. Most reports have the threat actor focusing its efforts on the education and the healthcare industries. However, through Trend Micro’s telemetry data, ...
- New wave of attacks use ProxyNotShell/OWASSRF vulnerabilities to target Microsoft Exchange
January 24, 2023
Researchers at S.C. Bitdefender SRL today warned of a new wave of attacks using known vulnerabilities to target Microsoft Exchange. The researchers started to notice an increase in attacks using ProxyNotShell/OWASSRF exploits to target on-premises Microsoft Exchange deployments at the end of November. The Server-Side Request Forgery attacks allow an attacker to send a crafted request ...
- LastPass owner GoTo says hackers stole customers’ backups
January 24, 2023
LastPass’ parent company GoTo – formerly LogMeIn – has confirmed that cybercriminals stole customers’ encrypted backups during a recent breach of its systems. The breach was first confirmed by LastPass on November 30. At the time, LastPass chief executive Karim Toubba said an “unauthorized party” had gained access to some customers’ information stored in a third-party ...