Found 18 bookmarks
Newest
Microsoft Dynamics 365 Customer Voice Phishing Scam
Microsoft Dynamics 365 Customer Voice Phishing Scam
Overview: Check Point researchers have identified a new phishing campaign that exploits Microsoft’s “Dynamics 365 Customer Voice,” a customer relationship Overview: Check Point researchers have identified a new phishing campaign that exploits Microsoft’s “Dynamics 365 Customer Voice,” a customer relationship management software product. It’s often used to record customer calls, monitor customer reviews, share surveys and track feedback. Microsoft 365 is used by over 2 million organizations worldwide. At least 500,000 organizations use Dynamics 365 Customer Voice, including 97% of Fortune 500 companies. In this campaign, cyber criminals send business files and invoices from compromised accounts, and include fake Dynamics 365 Customer Voice links. The email configuration looks legitimate and easily tricks email recipients into taking the bait. As part of this campaign, cyber criminals have deployed over 3,370 emails, with content reaching employees of over 350 organizations, the majority of which are American. More than a million different mailboxes were targeted. Affected entities include well-established community betterment groups, colleges and universities, news outlets, a prominent health information group, and organizations that promote arts and culture, among others.
#checkpoint#EN#2025#Microsoft#Dynamics#365#Customer#Voice#Phishing#Scam#analysis
·blog.checkpoint.com·
Microsoft Dynamics 365 Customer Voice Phishing Scam
Threat actors misuse Node.js to deliver malware and other malicious payloads | Microsoft Security Blog
Threat actors misuse Node.js to deliver malware and other malicious payloads | Microsoft Security Blog
Since October 2024, Microsoft Defender Experts has observed and helped multiple customers address campaigns leveraging Node.js to deliver malware and other payloads that ultimately lead to information theft and data exfiltration.
#microsoft#EN#2025#Node.js#malware#ClickFix#exfiltration#analysis#campaign
·microsoft.com·
Threat actors misuse Node.js to deliver malware and other malicious payloads | Microsoft Security Blog
Microsoft shares latest intelligence on North Korean and Chinese threat actors at CYBERWARCON | Microsoft Security Blog
Microsoft shares latest intelligence on North Korean and Chinese threat actors at CYBERWARCON | Microsoft Security Blog
At CYBERWARCON 2024, Microsoft Threat Intelligence analysts will share research and insights on North Korean and Chinese threat actors representing years of threat actor tracking, infrastructure monitoring and disruption, and their attack tooling.
#microsoft#EN#2024#CYBERWARCON#DPRK#North-Korea#China#analysis#intlligence
·microsoft.com·
Microsoft shares latest intelligence on North Korean and Chinese threat actors at CYBERWARCON | Microsoft Security Blog
Chinese threat actor Storm-0940 uses credentials from password spray attacks from a covert network
Chinese threat actor Storm-0940 uses credentials from password spray attacks from a covert network
Since August 2023, Microsoft has observed intrusion activity targeting and successfully stealing credentials from multiple Microsoft customers that is enabled by highly evasive password spray attacks. Microsoft has linked the source of these password spray attacks to a network of compromised devices we track as CovertNetwork-1658, also known as xlogin and Quad7 (7777). Microsoft is […]
#microsoft#EN#2024#Storm-0940#Quad7#CovertNetwork-1658#analysis
·microsoft.com·
Chinese threat actor Storm-0940 uses credentials from password spray attacks from a covert network
Star Blizzard increases sophistication and evasion in ongoing attacks
Star Blizzard increases sophistication and evasion in ongoing attacks
Microsoft Threat Intelligence continues to track and disrupt malicious activity attributed to a Russian state-sponsored actor we track as Star Blizzard, who has improved their detection evasion capabilities since 2022 while remaining focused on email credential theft against targets.
#microsoft#EN#2023#Threat#Intelligence#Star-Blizzard#attacks#analysis
·microsoft.com·
Star Blizzard increases sophistication and evasion in ongoing attacks
Cadet Blizzard emerges as a novel and distinct Russian threat actor | Microsoft Security Blog
Cadet Blizzard emerges as a novel and distinct Russian threat actor | Microsoft Security Blog
Microsoft attributes several campaigns to a distinct Russian state-sponsored threat actor tracked as Cadet Blizzard (DEV-0586), including the WhisperGate destructive attack, Ukrainian website defacements, and the hack-and-leak front “Free Civilian”.
#microsoft#EN#2023#CadetBlizzard#DEV-0586#Russia#analysis
·microsoft.com·
Cadet Blizzard emerges as a novel and distinct Russian threat actor | Microsoft Security Blog
Preparing for a Russian cyber offensive against Ukraine this winter
Preparing for a Russian cyber offensive against Ukraine this winter
As we report more fully below, in the wake of Russian battlefield losses to Ukraine this fall, Moscow has intensified its multi-pronged hybrid technology approach to pressure the sources of Kyiv’s military and political support, domestic and foreign. This approach has included destructive missile and cyber strikes on civilian infrastructure in Ukraine, cyberattacks on Ukrainian and now foreign-based supply chains, and cyber-enabled influence operations[1]—intended to undermine US, EU, and NATO political support for Ukraine, and to shake the confidence and determination of Ukrainian citizens.
#Microsoft#EN#2022#iridium#russia-ukraine-war#Russia#cyberoffensive#analysis#winter
·blogs.microsoft.com·
Preparing for a Russian cyber offensive against Ukraine this winter
Preparing for a Russian cyber offensive against Ukraine this winter
Preparing for a Russian cyber offensive against Ukraine this winter
As we report more fully below, in the wake of Russian battlefield losses to Ukraine this fall, Moscow has intensified its multi-pronged hybrid technology approach to pressure the sources of Kyiv’s military and political support, domestic and foreign. This approach has included destructive missile and cyber strikes on civilian infrastructure in Ukraine, cyberattacks on Ukrainian and now foreign-based supply chains, and cyber-enabled influence operations[1]—intended to undermine US, EU, and NATO political support for Ukraine, and to shake the confidence and determination of Ukrainian citizens.
#Microsoft#EN#2022#iridium#russia-ukraine-war#Russia#cyberoffensive#analysis#winter
·blogs.microsoft.com·
Preparing for a Russian cyber offensive against Ukraine this winter