In the last year, the cyber threat landscape continued to become more dangerous and complex. The malign actors of the world are becoming better resourced and better prepared, with increasingly sophisticated tactics, techniques, and tools that challenge even the world’s best cybersecurity defenders.
Even Microsoft has been the victim of well-orchestrated attacks by determined and well-resourced adversaries, and their customers face more than 600 million cybercriminal and nation-state attacks every day, ranging from ransomware to phishing to identity attacks.
Read more…
Source: Microsoft
Related:
- Aquatic Panda Used Log4Shell Exploit Tools During Hands-on Intrusion Attempt – CrowdStrike
December 29, 2021
Since the vulnerability was announced, CrowdStrike’s OverWatch threat hunters have been continuously ingesting the latest insights about the Log4j vulnerability as well as publicly disclosed exploit methods to influence their continuous hunting operations. On Dec. 14, 2021, VMware issued guidance around elements of VMware’s Horizon service found to be vulnerable to Log4j exploits. This led ...
- Fintech firm hit by log4j hack refuses to pay $5 million ransom
December 29, 2021
One of the largest Vietnamese crypto trading platforms, ONUS, recently suffered a cyber attack on its payment system running a vulnerable Log4j version. Soon enough, threat actors approached ONUS to extort a $5 million sum and threatened to publish the customer data should ONUS refuse to comply. After the company’s refusal to pay the ransom, threat actors ...
- New Flagpro malware linked to Chinese state-backed hackers
December 28, 2021
BlackTech cyber-espionage APT (advanced persistent threat) group has been spotted targeting Japanese companies using novel malware that researchers call ‘Flagpro’. The threat actor uses Flagpro in the initial stage of an attack for network reconnaissance, to evaluate the target’s environment, and to download second-stage malware and execute it. The infection chain begins with a phishing email crafted ...
- West Virginia State workers to be paid on time despite ransomware attack
December 27, 2021
West Virginia state workers will be paid on schedule this week, despite a ransomware attack that recently crippled a software provider that helps manage time and leave for more than 35,000 state employees. The State Auditor’s Office reassured employees Monday that checks will be deposited on schedule Friday. For additional assurance, officials urged state workers to check ...
- QNAP NAS devices hit in surge of ech0raix ransomware attacks
December 27, 2021
Users of QNAP network-attached storage (NAS) devices are reporting attacks on their systems with the eCh0raix ransomware, also known as QNAPCrypt. The threat actor behind this particular malware intensified their activity about a week before Christmas, taking control of the devices with administrator privileges. Attack count jumps before Christmas BleepingComputer forum users managing QNAP and Synology NAS systems ...
- Rook ransomware is yet another spawn of the leaked Babuk code
December 24, 2021
A new ransomware operation named Rook has appeared recently on the cyber-crime space, declaring a desperate need to make “a lot of money” by breaching corporate networks and encrypting devices. Although the introductory statements on their data leak portal were marginally funny, the first victim announcements on the site have made it clear that Rook is ...