In the last year, the cyber threat landscape continued to become more dangerous and complex. The malign actors of the world are becoming better resourced and better prepared, with increasingly sophisticated tactics, techniques, and tools that challenge even the world’s best cybersecurity defenders.
Even Microsoft has been the victim of well-orchestrated attacks by determined and well-resourced adversaries, and their customers face more than 600 million cybercriminal and nation-state attacks every day, ranging from ransomware to phishing to identity attacks.
Read more…
Source: Microsoft
Related:
- A deep dive into an NSO zero-click iMessage exploit: Remote Code Execution
December 16, 2021
Google Project Zero researchers want to thank Citizen Lab for sharing a sample of the FORCEDENTRY exploit with them, and Apple’s Security Engineering and Architecture (SEAR) group for collaborating with Google Project Zero on the technical analysis. The editorial opinions reflected below are solely Project Zero’s and do not necessarily reflect those of the organizations ...
- PseudoManuscrypt: a mass-scale spyware attack campaign
December 16, 2021
In June 2021, Kaspersky ICS CERT experts identified malware whose loader has some similarities to the Manuscrypt malware, which is part of the Lazarus APT group’s arsenal. In 2020, the group used Manuscrypt in attacks on defense enterprises in different countries. These attacks are described in the report “Lazarus targets defense industry with ThreatNeedle“. Curiously, the ...
- Hive ransomware enters big league with hundreds breached in four months
December 16, 2021
The Hive ransomware gang is more active and aggressive than its leak site shows, with affiliates attacking an average of three companies every day since the operation became known in late June. Security researchers gleaning information straight from Hive’s administrator panel found that affiliates had breached more than 350 organizations over four months. The gang’s data leak ...
- Lenovo laptops vulnerable to bug allowing admin privileges
December 16, 2021
Lenovo laptops, including ThinkPad and Yoga models, are vulnerable to a privilege elevation bug in the ImControllerService service allowing attackers to execute commands with admin privileges. The flaws are tracked as CVE-2021-3922 and CVE-2021-3969 and affect the ImControllerService component of all Lenovo System Interface Foundation versions below 1.1.20.3. When viewing the Windows services screen, this service ...
- Suspected Iranian hackers target airline with new backdoor
December 16, 2021
A suspected, state-sponsored Iranian threat group has attacked an airline with a never-before-seen backdoor. On Wednesday, cybersecurity researchers from IBM Security X-Force said an Asian airline was the subject of the attack, which likely began in October 2019 until 2021. The advanced persistent threat (APT) group ITG17, also known as MuddyWater, leveraged a free workspace channel on ...
- Owowa: the add-on that turns your OWA into a credential stealer and remote access panel
December 14, 2021
While looking for potentially malicious implants that targeted Microsoft Exchange servers, Kaspersky researchers identified a suspicious binary that had been submitted to a multiscanner service in late 2020. Analyzing the code, researchers determined that the previously unknown binary is an IIS module, aimed at stealing credentials and enabling remote command execution from OWA. Kaspersky named ...