Tag: attackers

Source URL: https://www.microsoft.com/en-us/security/blog/2025/03/06/malvertising-campaign-leads-to-info-stealers-hosted-on-github/ Source: Microsoft Security Blog Title: Malvertising campaign leads to info stealers hosted on GitHub Feedly Summary: Microsoft detected a large-scale malvertising campaign in early December 2024 that impacted nearly one million devices globally. The attack originated from illegal streaming websites embedded with malvertising redirectors and ultimately redirected users to GitHub to deliver…

The Register: China’s Silk Typhoon, tied to US Treasury break-in, now hammers IT and govt targets

—

by

Source URL: https://www.theregister.com/2025/03/05/china_silk_typhoon_update/ Source: The Register Title: China’s Silk Typhoon, tied to US Treasury break-in, now hammers IT and govt targets Feedly Summary: They’re good at zero-day exploits, too Silk Typhoon, the Chinese government crew believed to be behind the December US Treasury intrusions, has been abusing stolen API keys and cloud credentials in ongoing…

Hacker News: Vulnerability in partner.microsoft.com allows unauthenticated access

—

by

Source URL: https://nvd.nist.gov/vuln/detail/CVE-2024-49035 Source: Hacker News Title: Vulnerability in partner.microsoft.com allows unauthenticated access Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses a significant vulnerability (CVE-2024-49035) related to improper access control in Microsoft’s Partner Center, allowing unauthenticated attackers to elevate their privileges over a network. The vulnerability is classified as critical due…

Unit 42: Beneath the Surface: Detecting and Blocking Hidden Malicious Traffic Distribution Systems

—

by

Source URL: https://unit42.paloaltonetworks.com/?p=138517 Source: Unit 42 Title: Beneath the Surface: Detecting and Blocking Hidden Malicious Traffic Distribution Systems Feedly Summary: A topological analysis and case studies add nuance to a study of malicious traffic distribution systems. We compare their use by attackers to benign systems. The post Beneath the Surface: Detecting and Blocking Hidden Malicious…

The Register: Ransomware thugs threaten Tata Technologies with leak if demands not met

—

by

Source URL: https://www.theregister.com/2025/03/05/tata_technologies_hiunters_international/ Source: The Register Title: Ransomware thugs threaten Tata Technologies with leak if demands not met Feedly Summary: Hunters International ready to off-shore 1.4 TB of info allegedly swiped from Indian giant A subsidiary of Indian multinational Tata has allegedly fallen victim to the notorious ransomware gang Hunters International.… AI Summary and Description:…

The Register: VMware patches guest-to-hypervisor escape flaws already under attack

Mar 4, 2025

—

by

Source URL: https://www.theregister.com/2025/03/04/vmware_plugs_three_hypervisorhijack_holes/ Source: The Register Title: VMware patches guest-to-hypervisor escape flaws already under attack Feedly Summary: The heap overflow in the memory unsafe code by Miss Creant Broadcom today pushed out patches for three VMware hypervisor-hijacking bugs, including one rated critical, that have already been found and exploited by criminals.… AI Summary and Description:…

Slashdot: CISA Tags Windows, Cisco Vulnerabilities As Actively Exploited

Mar 4, 2025

—

by

Source URL: https://it.slashdot.org/story/25/03/04/0315205/cisa-tags-windows-cisco-vulnerabilities-as-actively-exploited?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: CISA Tags Windows, Cisco Vulnerabilities As Actively Exploited Feedly Summary: AI Summary and Description: Yes Summary: The text discusses recent alerts from CISA regarding the exploitation of vulnerabilities in Cisco VPN routers and Windows systems. It emphasizes the urgency for federal agencies to secure their networks against these threats,…

The Register: Microsoft signed a dodgy driver and now ransomware scum are exploiting it

Mar 4, 2025

—

by

Source URL: https://www.theregister.com/2025/03/04/paragon_partition_manager_ransomware_driver/ Source: The Register Title: Microsoft signed a dodgy driver and now ransomware scum are exploiting it Feedly Summary: Five flaws found in Paragon Partition Manager’s kernel-level .sys Ransomware crooks are exploiting a third-party Windows kernel-level driver used and provided by disk management tool Paragon Partition Manager.… AI Summary and Description: Yes Summary:…

Cloud Blog: Not Lost in Translation: Rosetta 2 Artifacts in macOS Intrusions

Mar 3, 2025

—

by