In the last year, the cyber threat landscape continued to become more dangerous and complex. The malign actors of the world are becoming better resourced and better prepared, with increasingly sophisticated tactics, techniques, and tools that challenge even the world’s best cybersecurity defenders.
Even Microsoft has been the victim of well-orchestrated attacks by determined and well-resourced adversaries, and their customers face more than 600 million cybercriminal and nation-state attacks every day, ranging from ransomware to phishing to identity attacks.
Read more…
Source: Microsoft
Related:
- Vulnerabilities in Alyac antivirus program could stop virus scanning, cause code execution
August 3, 2022
Cisco Talos recently discovered out-of-bounds read and buffer overflow vulnerabilities in ESTsecurity Corp.’s Alyac antivirus software that could cause a denial-of-service condition or arbitrary code execution. Alyac is an antivirus software developed for Microsoft Windows machines. TALOS-2022-1452 (CVE-2022-21147) is a vulnerability that exists in a specific Alyac module that, eventually, leads to a crash of Alyac’s ...
- Examining New DawDropper Banking Dropper and DaaS on the Dark Web
August 2, 2022
Malicious actors have been surreptitiously adding a growing number of banking trojans to Google Play Store via malicious droppers this year, proving that such a technique is effective in evading detection. Additionally, because there is a high demand for novel ways to distribute mobile malware, several malicious actors claim that their droppers could help other ...
- Website of Taiwan’s presidential office receives overseas cyber attack
August 2, 2022
The website of Taiwan’s presidential office received an overseas cyber attack on Tuesday and was at one point malfunctioning, a source briefed on the matter said. The website was shortly brought back online, the source told Reuters. U.S. House of Representatives Speaker Nancy Pelosi was expected to arrive in Taipei later on Tuesday, people briefed on ...
- Bot army risk as 3,000+ apps found spilling Twitter API keys
August 2, 2022
Want to build your own army? Engineers at CloudSEK have published a report on how to do just that in terms of bots and Twitter, thanks to API keys leaking from applications. Researchers at the company say they’ve uncovered 3,207 apps leaking Twitter API keys, which can be used to gain access to or even entirely ...
- SolidBit Ransomware Enters the RaaS Scene and Takes Aim at Gamers and Social Media Users With New Variant
August 2, 2022
Trend Micro researchers recently analyzed a sample of a new SolidBit ransomware variant that targets users of popular video games and social media platforms. The malware was uploaded to GitHub, where it is disguised as different applications, including a League of Legends account checker tool (Figure 1) and an Instagram follower bot, to lure in ...
- Manjusaka: A Chinese sibling of Sliver and Cobalt Strike
August 2, 2022
Cisco Talos has discovered a relatively new attack framework called “Manjusaka” (which can be translated to “cow flower” from the Simplified Chinese writing) by their authors, being used in the wild. As defenders, it is important to keep track of offensive frameworks such as Cobalt Strike and Sliver so that enterprises can effectively defend against attacks ...