In the last year, the cyber threat landscape continued to become more dangerous and complex. The malign actors of the world are becoming better resourced and better prepared, with increasingly sophisticated tactics, techniques, and tools that challenge even the world’s best cybersecurity defenders.
Even Microsoft has been the victim of well-orchestrated attacks by determined and well-resourced adversaries, and their customers face more than 600 million cybercriminal and nation-state attacks every day, ranging from ransomware to phishing to identity attacks.
Read more…
Source: Microsoft
Related:
- 37 million T-Mobile customers hacked in data breach
January 20, 2023
T-Mobile said a “bad actor” accessed personal data from 37 million current customers in a November data breach. In a regulatory filing Thursday, the company said the hacker stole customer data that included names, billing addresses, emails, phone numbers, dates of birth, T-Mobile account numbers, and information describing the kind of service they have with the ...
- Ransomware severs 1,000 ships from on-shore servers
January 19, 2023
Norwegian maritime risk management business is getting a lesson in that very area, after a ransomware attack forced its ShipManager software offline and left 1,000 ships without a connection to on-shore servers. DNV said the attack happened on January 7, and updated its report yesterday to say it involved ransomware – but affected vessels are not ...
- Ransomware gang steals data from KFC, Taco Bell, and Pizza Hut brand owner
January 19, 2023
Yum! Brands, the fast food brand operator of KFC, Pizza Hut, Taco Bell, and The Habit Burger Grill fast-food restaurant chains, has been targeted by a ransomware attack that forced the closure of 300 locations in the United Kingdom. Yum! Brands operates 53,000 restaurants across 155 countries and territories, with over $5 billion in total assets ...
- Following the LNK metadata trail
January 19, 2023
Microsoft announced at the beginning of 2022 that they would soon start to disable macros by default in Office documents downloaded from the Internet. They implemented the changes around June, only to remove the feature later that month. The feature was finally re-enabled by the end of July. Cisco Talos observed threat actors reacting to ...
- Suspected Chinese Threat Actors Exploiting FortiOS Vulnerability (CVE-2022-42475)
January 19, 2023
Mandiant is tracking a suspected China-nexus campaign believed to have exploited a recently announced vulnerability in Fortinet’s FortiOS SSL-VPN, CVE-2022-42475, as a zero-day. Evidence suggests the exploitation was occurring as early as October 2022 and identified targets include a European government entity and a managed service provider located in Africa. Mandiant identified a new malware they ...
- Roaming Mantis implements new DNS changer in its malicious mobile app in 2022
January 19, 2023
Roaming Mantis (a.k.a Shaoye) is well-known as a long-term cyberattack campaign that uses malicious Android package (APK) files to control infected Android devices and steal device information; it also uses phishing pages to steal user credentials, with a strong financial motivation. Kaspersky has been investigating the actor’s activity throughout 2022, and we observed a DNS changer ...