Lucene search
K

84 matches found

hivepro
hivepro
added 2022/08/02 10:7 a.m.19 views

Vulnerabilities & Threats that Matter 25 – 31st July

Published Vulnerabilities Interesting Vulnerabilities Active Threat Groups Targeted Countries Targeted Industries ATT&CK TTPs 462 7 4 52 22 64 For a detailed threat digest, download the pdf file here Summary The Last week of July 2022 witnessed the discovery of 462 vulnerabilities out of which 7...

1.3AI score
Exploits0
hivepro
hivepro
added 2022/07/27 5:9 a.m.16 views

APT29 utilizes cloud storage service to deliver malicious payloads

Threat Level Actor Report For a detailed advisory, download the pdf file here Summary APT29, a cyber espionage gang uses cloud storage services such as Google Drive and Dropbox to distribute malware to compromised systems. The gang used a phishing campaign that targeted several Western diplomatic...

1.2AI score
Exploits0
The Hacker News
The Hacker News
added 2022/07/20 4:3 a.m.23 views

Russian Hackers Using DropBox and Google Drive to Drop Malicious Payloads — The Hacker News

The Russian state-sponsored hacking collective known as APT29 has been attributed to a new phishing campaign that takes advantage of legitimate cloud services like Google Drive and Dropbox to deliver malicious payloads on compromised systems. "These campaigns are believed to have targeted several...

0.3AI score
Exploits0
The Hacker News
The Hacker News
added 2022/07/06 12:28 p.m.34 views

Hackers Abusing BRc4 Red Team Penetration Tool in Attacks to Evade Detection

Malicious actors have been observed abusing legitimate adversary simulation software in their attacks in an attempt to stay under the radar and evade detection. Palo Alto Networks Unit 42 said a malware sample uploaded to the VirusTotal database on May 19, 2022, contained a payload associated wit...

0.3AI score
Exploits0
The Hacker News
The Hacker News
added 2022/05/02 11:40 a.m.27 views

Russian Hackers Targeting Diplomatic Entities in Europe, Americas, and Asia

A Russian state-sponsored threat actor has been observed targeting diplomatic and government entities as part of a series of phishing campaigns commencing on January 17, 2022. Threat intelligence and incident response firm Mandiant attributed the attacks to a hacking group tracked as APT29 aka Co...

0.2AI score
Exploits0
The Hacker News
The Hacker News
added 2022/02/09 10:46 a.m.143 views

Russian APT Hackers Used COVID-19 Lures to Target European Diplomats

The Russia-linked threat actor known as APT29 targeted European diplomatic missions and Ministries of Foreign Affairs as part of a series of spear-phishing campaigns mounted in October and November 2021. According to ESET's T3 2021 Threat Report shared with The Hacker News, the intrusions paved t...

7.8CVSS0.4AI score0.67252EPSS
Exploits11
The Hacker News
The Hacker News
added 2022/02/02 12:9 p.m.27 views

New Malware Used by SolarWinds Attackers Went Undetected for Years

The threat actor behind the supply chain compromise of SolarWinds has continued to expand its malware arsenal with new tools and techniques that were deployed in attacks as early as 2019, once indicative of the elusive nature of the campaigns and the adversary's ability to maintain persistent...

1.3AI score
Exploits0
Qualys Blog
Qualys Blog
added 2022/01/05 12:29 p.m.21 views

Mitigation of Supply Chain Risks in Microsoft 365

In this blog we review five attack techniques exploited to compromise MS 365 tenants. Qualys SaaS Detection & Response can be used by both IT and security teams to assess these threats, and then to fix common misconfigurations, hardening supply chain defenses. Last October, news of Microsoft 365 ...

0.4AI score
Exploits0
Qualys Blog
Qualys Blog
added 2021/10/13 12:41 p.m.28 views

Tenacity 2.0 – Emulating Threat groups

Introduction The previous article: Tenacity – An Adversary Emulation Tool for Persistence, walked us through the working of Tenacity, techniques it supports, and how it can help organizations and individuals to validate the risk posture. As with the second installment of the series, this post wil...

0.8AI score
Exploits0
The Hacker News
The Hacker News
added 2021/09/28 6:15 a.m.32 views

Microsoft Warns of FoggyWeb Malware Targeting Active Directory FS Servers

Microsoft on Monday revealed new malware deployed by the hacking group behind the SolarWinds supply chain attack last December to deliver additional payloads and steal sensitive information from Active Directory Federation Services AD FS servers. The tech giant's Threat Intelligence Center MSTIC...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2021/07/30 10:0 a.m.69 views

Experts Uncover Several C&C Servers Linked to WellMess Malware

Cybersecurity researchers on Friday unmasked new command-and-control C2 infrastructure belonging to the Russian threat actor tracked as APT29, aka Cozy Bear, that has been spotted actively serving WellMess malware as part of an ongoing attack campaign. More than 30 C2 servers operated by the...

0.4AI score
Exploits0
ThreatPost
ThreatPost
added 2021/07/26 3:0 p.m.178 views

Malware Makers Using ‘Exotic’ Programming Languages

Malware authors are increasingly using rarely spotted programming languages such as Go, Rust, Nim and DLang in order to create new tools and to hinder analysis, researchers have found. Use of those four languages is escalating in the number of malware families being identified, according to a...

8AI score
Exploits0References22
ThreatPost
ThreatPost
added 2021/06/28 7:11 p.m.124 views

Attackers Breach Microsoft Customer Service Accounts

The same group behind the SolarWinds supply-chain attacks has been targeting Microsoft’s corporate networks to gain access to specific organizations — primarily, U.S.-based IT and government organizations. Microsoft officially announced the attacks after Reuters obtained an email sent to customer...

7.6AI score
Exploits0References8
ICS
ICS
added 2021/05/29 12:0 p.m.44 views

Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs

Summary This Joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework, Version 9. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. The Cybersecurity and Infrastructure Security Agency CISA and the...

10AI score
Exploits0References48
The Hacker News
The Hacker News
added 2021/05/08 12:24 p.m.524 views

Top 12 Security Flaws Russian Spy Hackers Are Exploiting in the Wild

Cyber operatives affiliated with the Russian Foreign Intelligence Service SVR have switched up their tactics in response to previous public disclosures of their attack methods, according to a new advisory jointly published by intelligence agencies from the U.K. and U.S. Friday. "SVR cyber operato...

10CVSS0.4AI score0.99999EPSS
Exploits356
ThreatPost
ThreatPost
added 2021/05/06 5:26 p.m.193 views

Ryuk Ransomware Attack Sprung by Frugal Student

A European biomolecular research institute involved in COVID-19 research lost a week’s worth of research data, all thanks to a Ryuk ransomware attack traced back to a student trying to save money by buying unlicensed software. Security researchers at Sophos described the attack in a report...

5.9AI score
Exploits0References17
ThreatPost
ThreatPost
added 2021/04/30 5:3 p.m.36 views

A Tale of Two Hacks: From SolarWinds to Microsoft Exchange

The past four months have exposed two high-profile attacks, which both had pundits declaring them the “worst-ever” and “unprecedented.” They shared other similarities – both attacked businesses rather than individuals, and affected tens of thousands of organizations. But that is where the...

6.6AI score
Exploits0References4
The Hacker News
The Hacker News
added 2021/04/27 9:14 a.m.216 views

FBI, CISA Uncover Tactics Employed by Russian Intelligence Hackers

The U.S. Cybersecurity and Infrastructure Security Agency CISA, Department of Homeland Security DHS, and the Federal Bureau of Investigation FBI on Monday published a new joint advisory as part of their latest attempts to expose the tactics, techniques, and procedures TTPs adopted by the Russian...

10CVSS1.3AI score0.99999EPSS
Exploits93
The Hacker News
The Hacker News
added 2021/04/22 1:18 p.m.250 views

Researchers Find Additional Infrastructure Used By SolarWinds Hackers

The sprawling SolarWinds cyberattack which came to light last December was known for its sophistication in the breadth of tactics used to infiltrate and persist in the target infrastructure, so much so that Microsoft went on to call the threat actor behind the campaign "skillful and methodic...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2021/04/16 6:10 p.m.187 views

NSA: 5 Security Bugs Under Active Nation-State Cyberattack

The Feds are warning that nation-state actors are once again after U.S. assets, this time in a spate of cyberattacks that exploit five vulnerabilities that affect VPN solutions, collaboration-suite software and virtualization technologies. According to the U.S. National Security Agency NSA, which...

9CVSS0.3AI score0.99999EPSS
Exploits93References12
Rows per page
Query Builder