In the last year, the cyber threat landscape continued to become more dangerous and complex. The malign actors of the world are becoming better resourced and better prepared, with increasingly sophisticated tactics, techniques, and tools that challenge even the world’s best cybersecurity defenders.
Even Microsoft has been the victim of well-orchestrated attacks by determined and well-resourced adversaries, and their customers face more than 600 million cybercriminal and nation-state attacks every day, ranging from ransomware to phishing to identity attacks.
Read more…
Source: Microsoft
Related:
- New Linux-Based Ransomware Cheerscrypt Targets ESXi Devices
May 25, 2022
Tremd Micro researchers recently observed multiple Linux-based ransomware detections that malicious actors launched to target VMware ESXi servers, a bare-metal hypervisor for creating and running several virtual machines (VMs) that share the same hard drive storage. Trend Micro encountered Cheerscrypt, a new ransomware family, that has been targeting a customer’s ESXi server used to manage ...
- Fake Windows exploits target infosec community with Cobalt Strike
May 24, 2022
A threat actor targeted security researchers with fake Windows proof-of-concept exploits that infected devices with the Cobalt Strike backdoor. Whoever is behind these attacks took advantage of recently patched Windows remote code execution vulnerabilities tracked as CVE-2022-24500 and CVE-2022-26809. When Microsoft patches a vulnerability, it is common for security researchers to analyze the fix and release proof-of-concept ...
- Anatomy of a DDoS amplification attack
May 23, 2022
Amplification attacks are one of the most common distributed denial of service (DDoS) attack vectors. These attacks are typically categorized as flooding or volumetric attacks, where the attacker succeeds in generating more traffic than the target can process, resulting in exhausting its resources due to the amount of traffic it receives. In this blog, we start ...
- PDF smuggles Microsoft Word doc to drop Snake Keylogger malware
May 22, 2022
Threat analysts have discovered a recent malware distribution campaign using PDF attachments to smuggle malicious Word documents that infect users with malware. The choice of PDFs is unusual, as most malicious emails today arrive with DOCX or XLS attachments laced with malware-loading macro code. However, as people become more educated about opening malicious Microsoft Office attachments, threat ...
- Ransomware attack exposes data of 500,000 Chicago students
May 21, 2022
The Chicago Public Schools has suffered a massive data breach that exposed the data of almost 500,000 students and 60,000 employee after their vendor, Battelle for Kids, suffered a ransomware attack in December. Ohio-based Battelle for Kids is a not-for-profit educational organization that analyzes student data shared by public school systems to design instructional models and ...
- China-linked Twisted Panda caught spying on Russian defense R&D
May 20, 2022
Chinese cyberspies targeted two Russian defense institutes and possibly another research facility in Belarus, according to Check Point Research. The new campaign, dubbed Twisted Panda, is part of a larger, state-sponsored espionage operation that has been ongoing for several months, if not nearly a year, according to the security shop. In a technical analysis, the researchers detail ...