Lucene search
K

9 matches found

Microsoft Malware Protection
Microsoft Malware Protection
added 2023/07/06 5:0 p.m.52 views

The five-day job: A BlackByte ransomware intrusion case study

As ransomware attacks continue to grow in number and sophistication, threat actors can quickly impact business operations if organizations are not well prepared. In a recent investigation by Microsoft Incident Response previously known as Microsoft Detection and Response Team – DART of an...

10CVSS8.1AI score0.99999EPSS
Exploits23
The Hacker News
The Hacker News
added 2022/11/14 6:5 a.m.63 views

Worok Hackers Abuse Dropbox API to Exfiltrate Data via Backdoor Hidden in Images

A recently discovered cyber espionage group dubbed Worok has been found hiding malware in seemingly innocuous image files, corroborating a crucial link in the threat actor's infection chain. Czech cybersecurity firm Avast said the purpose of the PNG files is to conceal a payload that's used to...

1.5AI score
Exploits0
Trellix
Trellix
added 2022/06/06 12:0 a.m.11 views

Growling Bears Make Thunderous Noise

Growling Bears Make Thunderous Noise By Trellix · June 6, 2022 Per public attribution, Russian cybercriminal groups have always been active. Their tactics, techniques, and procedures TTPs have not significantly evolved over time, although some changes have been observed. Lately, the threat...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2022/04/21 10:0 a.m.510 views

New Incident Report Reveals How Hive Ransomware Targets Organizations

A recent Hive ransomware attack carried out by an affiliate involved the exploitation of "ProxyShell" vulnerabilities in the Microsoft Exchange Server that were disclosed last year to encrypt an unnamed customer's network. "The actor managed to achieve its malicious goals and encrypt the...

10CVSS1.9AI score0.99999EPSS
Exploits18
HackRead
HackRead
added 2021/11/16 4:44 p.m.21 views

ProxyShell vulnerabilities exploited in domain-wide ransomware attacks

By Deeba Ahmed The ProxyShell vulnerabilities have prompted threat actors to launch domain-wide ransomware attacks against their targets. This is a post from HackRead.com Read the original post: ProxyShell vulnerabilities exploited in domain-wide ransomware attacks...

7.1AI score
Exploits0
Information Security Automation
Information Security Automation
added 2021/08/31 11:16 p.m.248 views

Security News: Exchange ProxyShell, Zoom RCE, Citrix Canceled PT Acknowledgments, Cisco No Patch Router RCEs

Hello everyone! This is a new episode with my comments on the latest Information Security news. Exchange ProxyShell I want to start with something about attacks on Exchange. ProxyShell is in the news, the LockFile ransomware compromised more than 2000 servers. On the other hand, there is basicall...

10CVSS9.9AI score0.99999EPSS
Exploits70
ThreatPost
ThreatPost
added 2021/08/23 6:54 p.m.54 views

ProxyShell Attacks Pummel Unpatched Exchange Servers

Over the weekend, the Cybersecurity & Infrastructure Security Agency CISA issued an urgent alert that attackers are actively attacking ProxyShell vulnerabilities in unpatched Microsoft Exchange Servers, joining researchers in urging organizations to immediately install the latest Microsoft Securi...

10CVSS8.9AI score0.99999EPSS
Exploits18References13
CISA
CISA
added 2021/08/21 12:0 a.m.135 views

Urgent: Protect Against Active Exploitation of ProxyShell Vulnerabilities

Malicious cyber actors are actively exploiting the following ProxyShell vulnerabilities: CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207. An attacker exploiting these vulnerabilities could execute arbitrary code on a vulnerable machine. CISA strongly urges organizations to identify vulnerable...

10CVSS2.8AI score0.99999EPSS
In wildExploits18References4
The Hacker News
The Hacker News
added 2021/08/13 9:46 a.m.12820 views

Hackers Actively Searching for Unpatched Microsoft Exchange Servers

Threat actors are actively carrying out opportunistic scanning and exploitation of Exchange servers using a new exploit chain leveraging a trio of flaws affecting on-premises installations, making them the latest set of bugs after ProxyLogon vulnerabilities were exploited en masse at the start of...

10CVSS0.1AI score0.99999EPSS
Exploits83
Rows per page
Query Builder