In the last year, the cyber threat landscape continued to become more dangerous and complex. The malign actors of the world are becoming better resourced and better prepared, with increasingly sophisticated tactics, techniques, and tools that challenge even the world’s best cybersecurity defenders.
Even Microsoft has been the victim of well-orchestrated attacks by determined and well-resourced adversaries, and their customers face more than 600 million cybercriminal and nation-state attacks every day, ranging from ransomware to phishing to identity attacks.
Read more…
Source: Microsoft
Related:
- 20 Arrests In QQAAZZ Multi-Million Money Laundering Case
October 15, 2020
An unprecedented international law enforcement operation involving 16 countries has resulted in the arrest of 20 individuals suspected of belonging to the QQAAZZ criminal network which attempted to launder tens of millions of euros on behalf of the world’s foremost cybercriminals. Some 40 house searches were carried out in Latvia, Bulgaria, the United Kingdom, Spain and ...
- Microsoft Addresses Windows TCP/IP RCE/DoS Vulnerability
October 14, 2020
Microsoft has released a security update to address a protocol vulnerability—CVE-2020-16898—in Windows Transmission Control Protocol (TCP)/IP stack handling of Internet Control Message Protocol version 6 (ICMPv6) Router Advertisement packets. A remote attacker could exploit this vulnerability to take control of an affected system or cause a denial-of-service condition. The Cybersecurity and Infrastructure Security Agency (CISA) encourages ...
- FIN11 Cybercrime Gang Shifts Tactics to Double-Extortion Ransomware
October 14, 2020
The FIN11 financial crime gang is shifting its tactics from phishing and credential-theft to ransomware, researchers said. According to FireEye Mandiant researchers, FIN11 is notable for its “sheer volume of activity,” known to run up to five disparate wide-scale email phishing campaigns per week. “At this point, it would be difficult to name a client that ...
- Google, Intel Warn on ‘Zero-Click’ Kernel Bug in Linux-Based IoT Devices
October 14, 2020
Google and Intel are warning of a high-severity flaw in BlueZ, the Linux Bluetooth protocol stack that provides support for core Bluetooth layers and protocols to Linux-based internet of things (IoT) devices. According to Google, the vulnerability affects users of Linux kernel versions before 5.9 that support BlueZ. BlueZ, which is an open-source project distributed under ...
- Two New IoT Vulnerabilities Identified with Mirai Payloads
October 14, 2020
Palo Alto Networks is proactively trying to safeguard its customers from attacks however possible. By leveraging its Next-Generation Firewall as sensors on the perimeter to detect malicious payloads and attack patterns, Unit 42 researchers are able to hunt down the menaces out there on the network, be they known or not. Unit 42 researchers have taken ...
- Threat Brief: Microsoft Vulnerability CVE-2020-16898
October 14, 2020
In October 2020, during Microsoft’s Patch Tuesday, a security update (CVE-2020-16898) addressed a critical vulnerability discovered in IPv6 Router Advertisement Options (called “DNS RA options”). This vulnerability resides within the Windows TCP/IP stack that is responsible for handling RA packets. Current exploitation leads to a Denial of Service (DoS) with the possibility of remote code ...