Lucene search
+L

215 matches found

mssecure
mssecure
added 2025/10/30 6:0 p.m.6 views

The 5 generative AI security threats you need to know about detailed in new e-book

Generative AI is reshaping the way security teams operate—accelerating threat detection, automating workflows, and enabling scale. But as defenders embrace AI to strengthen their posture, cyberattackers are doing the same to evolve faster than traditional defenses can adapt. Microsoft’s 2025...

7.1AI score
Exploits0
mssecure
mssecure
added 2025/10/22 4:0 p.m.8 views

The CISO imperative: Building resilience in an era of accelerated cyberthreats

The latest Microsoft Digital Defense Report 2025 paints a vivid picture of a cyberthreat landscape in flux. The surge in financially motivated cyberattacks and the persistent risk of nation-state actors demand urgent attention. But for those of us in the Office of the Chief Information Security...

7.4AI score
Exploits0
schneier
schneier
added 2025/09/24 11:9 a.m.7 views

US Disrupts Massive Cell Phone Array in New York

This is a weird story: The US Secret Service disrupted a network of telecommunications devices that could have shut down cellular systems as leaders gather for the United Nations General Assembly in New York City. The agency said on Tuesday that last month it found more than 300 SIM servers and...

6.8AI score
Exploits0
trellix
trellix
added 2025/01/07 12:0 a.m.6 views

Blurring the Lines: How Nation-States and Organized Cybercriminals Are Becoming Alike

Blurring the Lines: How Nation-States and Organized Cybercriminals Are Becoming Alike By Tomer Shloman · January 7, 2025 The distinction between nation-state actors and organized cybercriminals is becoming increasingly blurred in our rapidly evolving cyber landscape. Historically, these groups ha...

7.4AI score
Exploits0
thn
thn
added 2024/08/07 1:29 p.m.39 views

Roundcube Webmail Flaws Allow Hackers to Steal Emails and Passwords

Cybersecurity researchers have disclosed details of security flaws in the Roundcube webmail software that could be exploited to execute malicious JavaScript in a victim's web browser and steal sensitive information from their account under specific circumstances. "When a victim views a malicious...

9.3CVSS7.7AI score0.84446EPSS
Exploits9
thn
thn
added 2024/05/21 7:13 a.m.56 views

NextGen Healthcare Mirth Connect Under Attack - CISA Issues Urgent Warning

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added a security flaw impacting NextGen Healthcare Mirth Connect to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The flaw, tracked as CVE-2023-43208 CVSS score: N/A, concerns a cas...

10CVSS9.2AI score0.99991EPSS
Exploits62
thn
thn
added 2024/03/05 10:38 a.m.39 views

Over 225,000 Compromised ChatGPT Credentials Up for Sale on Dark Web Markets

More than 225,000 logs containing compromised OpenAI ChatGPT credentials were made available for sale on underground markets between January and October 2023, new findings from Group-IB show. These credentials were found within information stealer logs associated with LummaC2, Raccoon, and RedLin...

7.4AI score
Exploits0
thn
thn
added 2024/02/15 11:30 a.m.19 views

How Nation-State Actors Target Your Business: New Research Exposes Major SaaS Vulnerabilities

With many of the highly publicized 2023 cyber attacks revolving around one or more SaaS applications, SaaS has become a cause for genuine concern in many boardroom discussions. More so than ever, considering that GenAI applications are, in fact, SaaS applications. Wing Security Wing, a SaaS...

6.8AI score
Exploits0
thn
thn
added 2024/02/14 2:39 p.m.37 views

Microsoft, OpenAI Warn of Nation-State Hackers Weaponizing AI for Cyber Attacks

Nation-state actors associated with Russia, North Korea, Iran, and China are experimenting with artificial intelligence AI and large language models LLMs to complement their ongoing cyber attack operations. The findings come from a report published by Microsoft in collaboration with OpenAI, both ...

7AI score
Exploits0
trellix
trellix
added 2024/02/13 12:0 a.m.18 views

Cyberattack on Democracy: Escalating Cyber Threats Immediately Ahead of Taiwan’s 2024 Presidential Election

Cyberattack on Democracy: Escalating Cyber Threats Immediately Ahead of Taiwan’s 2024 Presidential Election By Anne An · February 13, 2024 Preface Cybersecurity has become an integral part of election security. Nation-state actors and other politically motivated groups are likely to try to...

6.7AI score
Exploits0
thn
thn
added 2024/01/20 4:31 a.m.69 views

CISA Issues Emergency Directive to Federal Agencies on Ivanti Zero-Day Exploits

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Friday issued an emergency directive urging Federal Civilian Executive Branch FCEB agencies to implement mitigations against two actively exploited zero-day flaws in Ivanti Connect Secure ICS and Ivanti Policy Secure IPS products...

9.1CVSS9.7AI score0.99999EPSS
Exploits23
thn
thn
added 2024/01/12 1:53 p.m.88 views

Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying 5 Malware Families

As many as five different malware families were deployed by suspected nation-state actors as part of post-exploitation activities leveraging two zero-day vulnerabilities in Ivanti Connect Secure ICS VPN appliances since early December 2023. "These families allow the threat actors to circumvent...

9.1CVSS9.2AI score0.99999EPSS
Exploits23
mmpc
mmpc
added 2023/08/15 4:0 p.m.24 views

How the Microsoft Incident Response team helps customers remediate threats

Each year, organizations face tens of billions of malware, phishing, and credential threats—with real-world impacts. When an attack succeeds, it can result in grave impacts on any industry. For example, it could delay a police or fire department’s response to an emergency, prevent a hospital from...

7.5AI score
Exploits0
thn
thn
added 2023/08/05 4:13 a.m.468 views

Researchers Uncover New High-Severity Vulnerability in PaperCut Software

Cybersecurity researchers have discovered a new high-severity security flaw in PaperCut print management software for Windows that could result in remote code execution under specific circumstances. Tracked as CVE-2023-39143 CVSS score: 8.4, the flaw impacts PaperCut NG/MF prior to version 22.1.3...

9.8CVSS7.9AI score0.99999EPSS
Exploits27
mssecure
mssecure
added 2023/04/18 3:0 p.m.20 views

Microsoft shifts to a new threat actor naming taxonomy

April 19, 2023 update – We have published a JSON file mapping old threat actor names with their new names in the updated taxonomy, summarized here: https://aka.ms/threatactors. We also added hunting queries that Microsoft customers can use while transitioning to the new taxonomy. See the Resource...

6.9AI score
Exploits0
mmpc
mmpc
added 2023/04/18 3:0 p.m.22 views

Microsoft shifts to a new threat actor naming taxonomy

April 19, 2023 update – We have published a JSON file mapping old threat actor names with their new names in the updated taxonomy, summarized here: https://aka.ms/threatactors. We also added hunting queries that Microsoft customers can use while transitioning to the new taxonomy. See the Resource...

6.9AI score
Exploits0
mmpc
mmpc
added 2022/11/10 5:0 p.m.16 views

Microsoft threat intelligence presented at CyberWarCon 2022

At CyberWarCon 2022, Microsoft and LinkedIn analysts presented several sessions detailing analysis across multiple sets of actors and related activity. This blog is intended to summarize the content of the research covered in these presentations and demonstrates Microsoft Threat Intelligence...

0.1AI score
Exploits0
thn
thn
added 2022/11/05 6:0 a.m.262 views

Microsoft Warns of Uptick in Hackers Leveraging Publicly-Disclosed 0-Day Vulnerabilities

Microsoft is warning of an uptick among nation-state and criminal actors increasingly leveraging publicly-disclosed zero-day vulnerabilities for breaching target environments. The tech giant, in its 114-page Digital Defense Report, said it has "observed a reduction in the time between the...

10CVSS0.4AI score0.99999EPSS
Exploits101
ics
ics
added 2022/09/22 12:0 p.m.30 views

Control System Defense: Know the Opponent

Summary Traditional approaches to securing OT/ICS do not adequately address current threats. Operational technology/industrial control system OT/ICS assets that operate, control, and monitor day-to-day critical infrastructure and industrial processes continue to be an attractive target for...

9.6AI score
Exploits0References46
malwarebytes
malwarebytes
added 2022/06/14 12:43 p.m.209 views

“Multiple adversaries” exploiting Confluence vulnerability, warns Microsoft

Microsoft has warned that "multiple adversaries and nation-state actors" are making use of the recent Atlassian Confluence RCE vulnerability. A fix is now available for CVE-2022-26134. It is essential users of Confluence address the patching issue immediately. Confluence vulnerability: Background...

7.5CVSS10AI score0.99999EPSS
Exploits76
Rows per page
Query Builder