In the last year, the cyber threat landscape continued to become more dangerous and complex. The malign actors of the world are becoming better resourced and better prepared, with increasingly sophisticated tactics, techniques, and tools that challenge even the world’s best cybersecurity defenders.
Even Microsoft has been the victim of well-orchestrated attacks by determined and well-resourced adversaries, and their customers face more than 600 million cybercriminal and nation-state attacks every day, ranging from ransomware to phishing to identity attacks.
Read more…
Source: Microsoft
Related:
- REvil/Sodinokibi Ransomware Universal Decryptor Key Is Out
September 16, 2021
REvil victims, your prayers have been answered: There’s a universal decryptor key waiting to free you. Bitdefender is releasing a free, universal decryptor key to unlock data of victimized organizations that were encrypted by REvil/Sodinokibi ransomware attacks before the gang’s servers went belly-up on July 13. The firm announced that it’s giving away the universal key on ...
- Azure Zero-Day Flaws Highlight Lurking Supply-Chain Risk
September 16, 2021
Four Microsoft zero-day vulnerabilities in the Azure cloud platform’s Open Management Infrastructure (OMI) — a software that many don’t know is embedded in a host of services — show that OMI represents a significant security blind spot, researchers said. Collectively dubbed “OMIGOD” because of the name and the reaction of the researchers who discovered them, the ...
- APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus
September 16, 2021
This joint advisory is the result of analytic efforts between the Federal Bureau of Investigation (FBI), United States Coast Guard Cyber Command (CGCYBER), and the Cybersecurity and Infrastructure Security Agency (CISA) to highlight the cyber threat associated with active exploitation of a newly identified vulnerability (CVE-2021-40539) in ManageEngine ADSelfService Plus—a self-service password management and single ...
- Airline Credential-Theft Takes Off in Widening Campaign
September 16, 2021
A two-year-old espionage campaign against the airline industry is ongoing, with AsyncRAT and other commodity remote-access trojans (RATs) helping those efforts take flight. The campaign can effectively be a bird strike to the business engine, so to speak, resulting in data theft, financial fraud or follow-on attacks, researchers said, who have uncovered new details about ...
- Ransomware encrypts South Africa’s entire Dept of Justice network
September 15, 2021
The justice ministry of the South African government is working on restoring its operations after a recent ransomware attack encrypted all its systems, making all electronic services unavailable both internally and to the public. As a consequence of the attack, the Department of Justice and Constitutional Development said that child maintenance payments are now on hold ...
- Attackers Impersonate DoT in Two-Day Phishing Scam
September 15, 2021
Threat actors impersonated the U.S. Department of Transportation (USDOT) in a two-day phishing campaign that used a combination of tactics – including creating new domains that mimic federal sites so as to appear to be legitimate – to evade security detections. Between Aug. 16-18, researchers at e-mail security provider INKY detected 41 phishing emails dangling the ...