121 matches found
WordPress Blizzard Quotes Plugin <= 1.3 is vulnerable to Cross Site Request Forgery (CSRF)
Software Blizzard Quotes Type Plugin Vulnerable versions = 1.3 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-53729 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ed471ac7b5ce Credits SOPROBRO Required...
U.S. Offers $10 Million for Info on Russian Cadet Blizzard Hackers Behind Major Attacks
The U.S. government and a coalition of international partners have officially attributed a Russian hacking group tracked as Cadet Blizzard to the General Staff Main Intelligence Directorate GRU 161st Specialist Training Center Unit 29155. "These cyber actors are responsible for computer network...
Russian Hackers Exploit Safari and Chrome Flaws in High-Profile Cyberattack
Cybersecurity researchers have flagged multiple in-the-wild exploit campaigns that leveraged now-patched flaws in Apple Safari and Google Chrome browsers to infect mobile users with information-stealing malware. "These campaigns delivered n-day exploits for which patches were available, but would...
Russian Midnight Blizzard Breached UK Home Office via Microsoft
Russian hacking group Midnight Blizzard breached the UK Home Office, stealing sensitive data. Learn how they exploited supply…...
TeamViewer Confirms Security Breach by Russian Midnight Blizzard
TeamViewer reassures users after a security breach targeted an employee account. The company claims no customer data was…...
French Diplomatic Entities Targeted in Russian-Linked Cyber Attacks
State-sponsored actors with ties to Russia have been linked to targeted cyber attacks aimed at French diplomatic entities, the country's information security agency ANSSI said in an advisory. The attacks have been attributed to a cluster tracked by Microsoft under the name Midnight Blizzard...
Russia's APT28 Exploited Windows Print Spooler Flaw to Deploy 'GooseEgg' Malware
The Russia-linked nation-state threat actor tracked as APT28 weaponized a security flaw in the Microsoft Windows Print Spooler component to deliver a previously unknown custom malware called GooseEgg. The post-compromise tool, which is said to have been used since at least June 2020 and possibly ...
Midnight Blizzard Attack Detection in Trellix Helix
Midnight Blizzard Attack Detection in Trellix Helix By Ian Shefferman · March 18, 2024 On January 25, 2024, Microsoft reported a breach of their systems by the Russian APT group Midnight Blizzard, also known as APT29 and Cozy Bear. The attackers performed a password spray, compromised a Microsoft...
Russian Midnight Blizzard Hackers Breached Microsoft Source Code
By Deeba Ahmed Midnight Blizzard aka Cozy Bear and APT29 originally breached Microsoft on January 12, 2024. This is a post from HackRead.com Read the original post: Russian Midnight Blizzard Hackers Breached Microsoft Source Code...
Microsoft Confirms Russian Hackers Stole Source Code, Some Customer Secrets
Microsoft on Friday revealed that the Kremlin-backed threat actor known as Midnight Blizzard aka APT29 or Cozy Bear managed to gain access to some of its source code repositories and internal systems following a hack that came to light in January 2024. "In recent weeks, we have seen evidence that...
Update on Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard
This blog provides an update on the nation-state attack that was detected by the Microsoft Security Team on January 12, 2024. As we shared, on January 19, the security team detected this attack on our corporate email systems and immediately activated our response process. The Microsoft Threat...
Microsoft, OpenAI Warn of Nation-State Hackers Weaponizing AI for Cyber Attacks
Nation-state actors associated with Russia, North Korea, Iran, and China are experimenting with artificial intelligence AI and large language models LLMs to complement their ongoing cyber attack operations. The findings come from a report published by Microsoft in collaboration with OpenAI, both ...
Midnight Blizzard and Cloudflare-Atlassian Cybersecurity Incidents: What to Know
The Midnight Blizzard and Cloudflare-Atlassian cybersecurity incidents raised alarms about the vulnerabilities inherent in major SaaS platforms. These incidents illustrate the stakes involved in SaaS breaches — safeguarding the integrity of SaaS apps and their sensitive data is critical but is no...
Midnight Blizzard attack on Microsoft corporate environment: a detailed analysis, detections and recommendations
Get a detailed analysis of the entire attack chain of Microsoft's breach by Midnight Blizzard APT29, as well as detection and mitigation recommendations...
Midnight Blizzard Exploiting Legacy OAuth for Lateral Movement
Summary: Midnight Blizzard exploited a legacy test OAuth application with elevated access due to a common password and lack of multi-factor authentication MFA. The attackers leveraged this access to move laterally within Microsofts network, potentially exfiltrating data and gaining broader contro...
Microsoft Executives Hacked
Microsoft is reporting that a Russian intelligence agency--the same one responsible for SolarWinds--accessed the email system of the companys executives. Beginning in late November 2023, the threat actor used a password spray attack to compromise a legacy non-production test tenant account and ga...
Microsoft got hacked by state sponsored group it was investigating
In a spy-vs-spy type of scenario, Microsoft has acknowledged that a group called Midnight Blizzard also known as APT29 or Cozy Bear, gained access to a Microsoft legacy non-production test tenant account. According to Microsoft, the group managed to access the account in November after subjecting...
Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard
The Microsoft security team detected a nation-state attack on our corporate systems on January 12, 2024, and immediately activated our response process to investigate, disrupt malicious activity, mitigate the attack, and deny the threat actor further access. Microsoft has identified the threat...
Microsoft Warns of COLDRIVER's Evolving Evasion and Credential-Stealing Tactics
The threat actor known as COLDRIVER has continued to engage in credential theft activities against entities that are of strategic interests to Russia while simultaneously improving its detection evasion capabilities. The Microsoft Threat Intelligence team is tracking under the cluster as Star...
Star Blizzard increases sophistication and evasion in ongoing attacks
Microsoft Threat Intelligence continues to track and disrupt malicious activity attributed to a Russian state-sponsored actor we track as Star Blizzard formerly SEABORGIUM, also known as COLDRIVER and Callisto Group. Star Blizzard has improved their detection evasion capabilities since 2022 while...