Search cyberveille.decio.ch

Found 16 bookmarks

Custom sorting

Microsoft shares latest intelligence on North Korean and Chinese threat actors at CYBERWARCON | Microsoft Security Blog

At CYBERWARCON 2024, Microsoft Threat Intelligence analysts will share research and insights on North Korean and Chinese threat actors representing years of threat actor tracking, infrastructure monitoring and disruption, and their attack tooling.

#microsoft #EN #2024 #CYBERWARCON #DPRK #North-Korea #China #analysis #intlligence

·microsoft.com·Nov 22, 2024

Microsoft shares latest intelligence on North Korean and Chinese threat actors at CYBERWARCON | Microsoft Security Blog

Chinese threat actor Storm-0940 uses credentials from password spray attacks from a covert network

Since August 2023, Microsoft has observed intrusion activity targeting and successfully stealing credentials from multiple Microsoft customers that is enabled by highly evasive password spray attacks. Microsoft has linked the source of these password spray attacks to a network of compromised devices we track as CovertNetwork-1658, also known as xlogin and Quad7 (7777). Microsoft is […]

#microsoft #EN #2024 #Storm-0940 #Quad7 #CovertNetwork-1658 #analysis

·microsoft.com·Nov 1, 2024

Chinese threat actor Storm-0940 uses credentials from password spray attacks from a covert network

ReliaQuest Uncovers New Black Basta Social Engineering Technique - ReliaQuest

ReliaQuest has observed a new Black Basta social engineering campaign targeting users via Microsoft Teams and malicious QR codes.

#reliaquest #EN #2024 #social-engineering #BlackBasta #Microsoft #Teams #QRCode #analysis

·reliaquest.com·Oct 30, 2024

ReliaQuest Uncovers New Black Basta Social Engineering Technique - ReliaQuest

You’ve Got Mail: Critical Microsoft Outlook Vulnerability Executes as Email is Opened

Morphisec researchers have identified a critical Microsoft Outlook vulnerability, CVE-2024-30103, and detail its technical impact and recommended actions.

#morphisec #EN #2024 #CVE-2024-30103 #Microsoft #Outlook #analysis

·blog.morphisec.com·Jun 12, 2024

You’ve Got Mail: Critical Microsoft Outlook Vulnerability Executes as Email is Opened

Star Blizzard increases sophistication and evasion in ongoing attacks

Microsoft Threat Intelligence continues to track and disrupt malicious activity attributed to a Russian state-sponsored actor we track as Star Blizzard, who has improved their detection evasion capabilities since 2022 while remaining focused on email credential theft against targets.

#microsoft #EN #2023 #Threat #Intelligence #Star-Blizzard #attacks #analysis

·microsoft.com·Dec 8, 2023

Star Blizzard increases sophistication and evasion in ongoing attacks

Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction

Microsoft has been tracking activity related to the financially motivated threat actor Octo Tempest, whose evolving campaigns represent a growing concern for many organizations across multiple industries.

#microsoft #EN #2023 #analysis #OctoTempest #campaigns #tactics

·microsoft.com·Nov 2, 2023

Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction

Compromised Microsoft Key: More Impactful Than We Thought

Our investigation of the security incident disclosed by Microsoft and CISA and attributed to Chinese threat actor Storm-0558, found that this incident seems to have a broader scope than originally assumed. Organizations using Microsoft and Azure services should take steps to assess potential impact.

#wiz #EN #2023 #Microsoft #Key #OWA #postmortem #analysis #Storm-0558

·wiz.io·Sep 7, 2023

Compromised Microsoft Key: More Impactful Than We Thought

Cadet Blizzard emerges as a novel and distinct Russian threat actor | Microsoft Security Blog

Microsoft attributes several campaigns to a distinct Russian state-sponsored threat actor tracked as Cadet Blizzard (DEV-0586), including the WhisperGate destructive attack, Ukrainian website defacements, and the hack-and-leak front “Free Civilian”.

#microsoft #EN #2023 #CadetBlizzard #DEV-0586 #Russia #analysis

·microsoft.com·Jun 14, 2023

Cadet Blizzard emerges as a novel and distinct Russian threat actor | Microsoft Security Blog

MERCURY and DEV-1084: Destructive attack on hybrid environment - Microsoft Security Blog

Microsoft detected a unique operation where threat actors carried out destructive actions in both on-premises and cloud environments.

#microsoft #EN #2023 #MERCURY #DEV-1084 #analysis #cloud #hybrid #environment #Iran #TTPs #operation

·microsoft.com·Apr 10, 2023

MERCURY and DEV-1084: Destructive attack on hybrid environment - Microsoft Security Blog

A Noteworthy Threat: How Cybercriminals are Abusing OneNote

Threat actors are taking advantage of Microsoft OneNote's ability to embed files and use social engineering techniques, such as phishing emails and lures inside the OneNote document, to get unsuspecting users to download and open malicious files.

#trustwave #EN #2023 #Microsoft #OneNote #phishing #malicious #analysis

·trustwave.com·Mar 8, 2023

A Noteworthy Threat: How Cybercriminals are Abusing OneNote

Preparing for a Russian cyber offensive against Ukraine this winter

As we report more fully below, in the wake of Russian battlefield losses to Ukraine this fall, Moscow has intensified its multi-pronged hybrid technology approach to pressure the sources of Kyiv’s military and political support, domestic and foreign. This approach has included destructive missile and cyber strikes on civilian infrastructure in Ukraine, cyberattacks on Ukrainian and now foreign-based supply chains, and cyber-enabled influence operations[1]—intended to undermine US, EU, and NATO political support for Ukraine, and to shake the confidence and determination of Ukrainian citizens.

#Microsoft #EN #2022 #iridium #russia-ukraine-war #Russia #cyberoffensive #analysis #winter

·blogs.microsoft.com·Dec 3, 2022

Preparing for a Russian cyber offensive against Ukraine this winter