Lucene search
K

50 matches found

The Hacker News
The Hacker News
added 2024/10/14 10:43 a.m.19 views

THN Cybersecurity Recap: Top Threats, Tools and Trends (Oct 7 - Oct 13)

Hey there, it's your weekly dose of "what the heck is going on in cybersecurity land " – and trust me, you NEED to be in the loop this time. We've got everything from zero-day exploits and AI gone rogue to the FBI playing crypto kingpin – it's full of stuff they don't 🤫 want you to know. So let's...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/05/08 10:58 a.m.24 views

Hijack Loader Malware Employs Process Hollowing, UAC Bypass in Latest Version

A newer version of a malware loader called Hijack Loader has been observed incorporating an updated set of anti-analysis techniques to fly under the radar. "These enhancements aim to increase the malware's stealthiness, thereby remaining undetected for longer periods of time," Zscaler ThreatLabz...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2024/04/28 12:30 p.m.60 views

CrimsonEDR - Simulate The Behavior Of AV/EDR For Malware Development Training

CrimsonEDR is an open-source project engineered to identify specific malware patterns, offering a tool for honing skills in circumventing Endpoint Detection and Response EDR. By leveraging diverse detection methods, it empowers users to deepen their understanding of security evasion tactics...

7.7AI score
Exploits0References1
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/04/13 5:0 p.m.20 views

Threat actors strive to cause Tax Day headaches

Threat actors often take advantage of current events and major news headlines to align attacks and leverage social engineering when people could be more likely to be distracted or misled. Tax season is particularly appealing to threat actors because not only are people busy and under stress, but ...

6.9AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2023/04/13 5:0 p.m.29 views

Threat actors strive to cause Tax Day headaches

Threat actors often take advantage of current events and major news headlines to align attacks and leverage social engineering when people could be more likely to be distracted or misled. Tax season is particularly appealing to threat actors because not only are people busy and under stress, but ...

6.9AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/04/11 5:0 p.m.95 views

Guidance for investigating attacks using CVE-2022-21894: The BlackLotus campaign

This guide provides steps that organizations can take to assess whether users have been targeted or compromised by threat actors exploiting CVE-2022-21894 via a Unified Extensible Firmware Interface UEFI bootkit called BlackLotus. UEFI bootkits are particularly dangerous as they run at computer...

4.9CVSS7.1AI score0.05979EPSS
Exploits1
Microsoft Secure
Microsoft Secure
added 2023/04/11 5:0 p.m.70 views

Guidance for investigating attacks using CVE-2022-21894: The BlackLotus campaign

This guide provides steps that organizations can take to assess whether users have been targeted or compromised by threat actors exploiting CVE-2022-21894 via a Unified Extensible Firmware Interface UEFI bootkit called BlackLotus. UEFI bootkits are particularly dangerous as they run at computer...

4.9CVSS7.1AI score0.05979EPSS
Exploits1
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/09/13 4:0 p.m.17 views

Secure your endpoints with Transparity and Microsoft

This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. Endpoint protection platforms EPPs are dead and no longer sufficient to protect your organization, right? Wrong. When it comes to cybersecurity, the ability to normalize and correlat...

6.8AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2022/09/13 4:0 p.m.15 views

Secure your endpoints with Transparity and Microsoft

This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. Endpoint protection platforms EPPs are dead and no longer sufficient to protect your organization, right? Wrong. When it comes to cybersecurity, the ability to normalize and correlat...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2022/09/08 5:38 a.m.55 views

Microsoft Warns of Ransomware Attacks by Iranian Phosphorus Hacker Group

Microsoft's threat intelligence division on Wednesday assessed that a subgroup of the Iranian threat actor tracked as Phosphorus is conducting ransomware attacks as a "form of moonlighting" for personal gain. The tech giant, which is monitoring the activity cluster under the moniker DEV-0270 aka...

1.1AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2022/08/18 5:0 p.m.20 views

Hardware-based threat defense against increasingly complex cryptojackers

Even with the dip in the value of cryptocurrencies in the past few months, cryptojackers – trojanized coin miners that attackers distribute to use compromised devices’ computing power for their objectives – continue to be widespread. In the past several months, Microsoft Defender Antivirus detect...

0.3AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/07/27 2:0 p.m.67 views

Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits

The Microsoft Threat Intelligence Center MSTIC and the Microsoft Security Response Center MSRC found a private-sector offensive actor PSOA using multiple Windows and Adobe 0-day exploits, including one for the recently patched CVE-2022-22047, in limited and targeted attacks against European and...

7.2CVSS8.8AI score0.52005EPSS
Exploits0
Prion
Prion
added 2021/09/15 12:15 p.m.35 views

Remote code execution

Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents. An attacker could craft a malicious Active...

6.8CVSS8.6AI score0.96843EPSS
Exploits38References4Affected Software5
ATTACKERKB
ATTACKERKB
added 2021/09/15 12:0 a.m.768 views

CVE-2021-40444

Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents. An attacker could craft a malicious Active...

8.8CVSS7.7AI score0.96843EPSS
In wildExploits38References5
Microsoft CVE
Microsoft CVE
added 2021/09/07 7:0 a.m.278 views

Microsoft MSHTML Remote Code Execution Vulnerability

Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents. An attacker could craft a malicious Active...

8.8CVSS0.6AI score0.96843EPSS
Exploits38
Microsoft Secure
Microsoft Secure
added 2021/05/18 4:0 p.m.34 views

Mitigate OT security threats with these best practices

The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with Chris Sistrunk, Technical Manager in...

7.3AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/03/25 9:21 p.m.543 views

Analyzing attacks taking advantage of the Exchange Server vulnerabilities

Microsoft continues to monitor and investigate attacks exploiting the recent on-premises Exchange Server vulnerabilities. These attacks are now performed by multiple threat actors ranging from financially motivated cybercriminals to state-sponsored groups. To help customers who are not able to...

7.5CVSS0.5AI score0.99999EPSS
Exploits65
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/03/18 10:0 p.m.259 views

Automatic on-premises Exchange Server mitigation now in Microsoft Defender Antivirus

As cybercriminals continue to exploit unpatched on-premises versions of Exchange Server 2013, 2016, and 2019, we continue to actively work with customers and partners to help them secure their environments and respond to associated threats. To date, we have released a comprehensive Security Updat...

7.5CVSS0.6AI score0.99999EPSS
Exploits63
Microsoft Secure
Microsoft Secure
added 2021/03/18 10:0 p.m.241 views

Automatic on-premises Exchange Server mitigation now in Microsoft Defender Antivirus

As cybercriminals continue to exploit unpatched on-premises versions of Exchange Server 2013, 2016, and 2019, we continue to actively work with customers and partners to help them secure their environments and respond to associated threats. To date, we have released a comprehensive Security Updat...

7.5CVSS0.6AI score0.99999EPSS
Exploits63
Microsoft Secure
Microsoft Secure
added 2021/03/03 5:0 p.m.44 views

XLM + AMSI: New runtime defense against Excel 4.0 macro malware

We have recently expanded the integration of Antimalware Scan Interface AMSI with Office 365 to include the runtime scanning of Excel 4.0 XLM macros, to help antivirus solutions tackle the increase in attacks that use malicious XLM macros. This integration, an example of the many security feature...

7.2AI score
Exploits0
Rows per page
Query Builder