APT10: Japan-Linked Organizations Targeted in Long-Running and Sophisticated Attack Campaign

A large-scale attack campaign is targeting multiple Japanese companies, including subsidiaries located in as many as 17 regions around the globe in a likely intelligence-gathering operation. Companies in multiple sectors are targeted in this campaign, including those operating in the Read More …

Microsoft Addresses Windows TCP/IP RCE/DoS Vulnerability

Microsoft has released a security update to address a protocol vulnerability—CVE-2020-16898—in Windows Transmission Control Protocol (TCP)/IP stack handling of Internet Control Message Protocol version 6 (ICMPv6) Router Advertisement packets. A remote attacker could exploit this vulnerability to take control of Read More …

Zerologon Attacks Against Microsoft DCs Snowball in a Week

A spike in exploitation attempts against the Microsoft vulnerability CVE-2020-1472, known as the Zerologon bug, continues to plague businesses. That’s according to researchers from Cisco Talos, who warned that cybercriminals are redoubling their efforts to trigger the elevation-of-privilege bug in Read More …

Feds Warn Nation-State Hackers are Actively Exploiting Unpatched Microsoft Exchange, F5, VPN Bugs

The U.S. government is warning that Chinese threat actors have successfully compromised several government and private sector entities in recent months, by exploiting vulnerabilities in F5 BIG-IP devices, Citrix and Pulse Secure VPNs and Microsoft Exchange servers. Patches are currently Read More …

APT28 Mounts Rapid, Large-Scale Theft of Office 365 Logins

The Russia-linked threat group known as APT28 has changed up its tactics to include Office 365 password-cracking and credential-harvesting. Microsoft researchers have tied APT28 (a.k.a. Strontium, Sofacy or Fancy Bear) to this newly uncovered pattern of O365 activity, which began Read More …

Microsoft confirms Chinese, Iranian, and Russian cyber-attacks on Biden and Trump campaigns

Microsoft said today that Chinese, Iranian, and Russian state-sponsored hackers had tried to breach email accounts belonging to people associated with the Biden and Trump election campaigns. The “majority of these attacks” were detected and blocked, according to Tom Burt, Read More …