In the last year, the cyber threat landscape continued to become more dangerous and complex. The malign actors of the world are becoming better resourced and better prepared, with increasingly sophisticated tactics, techniques, and tools that challenge even the world’s best cybersecurity defenders.
Even Microsoft has been the victim of well-orchestrated attacks by determined and well-resourced adversaries, and their customers face more than 600 million cybercriminal and nation-state attacks every day, ranging from ransomware to phishing to identity attacks.
Read more…
Source: Microsoft
Related:
- IIS modules: The evolution of web shells and how to detect them
December 12, 2022
Web exploitation and web shells are some of the most common entry points in the current threat landscape. Web servers provide an external avenue directly into your corporate network, which often results in web servers being an initial intrusion vector or mechanism of persistence. Monitoring for exploitation and web shells should be a high priority ...
- Ransomware group Play threatens to publish Antwerp’s data
December 12, 2022
Ransomware group Play claims to hold 557GB of data from the city of Antwerp. The local government fell victim to a ransomware attack last week. Play listed the city of Antwerp on its darkweb page on Sunday. The ransomware group uses the page to publicize victims. Play claims to hold 557GB of city data, including passports ...
- Precious Gemstones: The New Generation of Kerberos Attacks
December 12, 2022
Unit 42 researchers show new detection methods that help improve detection of a new line of Kerberos attacks, which allow attackers to modify Kerberos tickets to maintain privileged access. The most well-known example of this is the Golden Ticket attack, which allows threat actors to forge a ticket to masquerade as a high-privileged user. These two ...
- UK arrests five for selling ‘dodgy’ point of sale software
December 12, 2022
Tax authorities from Australia, Canada, France, the UK and the USA have conducted a joint probe into “electronic sales suppression software” – applications that falsify point of sale data to help merchants avoid paying tax on their true revenue. A Friday announcement from the Joint Chiefs of Global Tax Enforcement (known as the J5), states that ...
- Clop ransomware uses TrueBot malware for access to networks
December 11, 2022
Security researchers have noticed a spike in devices infected with the TrueBot malware downloader created by a Russian-speaking hacking group known as Silence. The Silence group is known for its big heists against financial institutions, and has begun to shift from phishing as an initial compromise vector. The threat actor is also using a new custom data ...
- Air-gapped PCs vulnerable to data theft via power supply radiation
December 10, 2022
A new attack method named COVID-bit uses electromagnetic waves to transmit data from air-gapped systems, which are isolated from the internet, over a distance of at least two meters (6.5 ft), where it’s captured by a receiver. The information emanating from the isolated device could be picked up by a nearby smartphone or laptop, even if ...