Microsoft Threat Intelligence – Page 2 – Experimental News Clipping Site

The Register: That ‘angry guest’ email from Booking.com? It’s a scam, not a 1-star review

Mar 13, 2025

—

by

Source URL: https://www.theregister.com/2025/03/13/bookingdotcom_phishing_campaign/ Source: The Register Title: That ‘angry guest’ email from Booking.com? It’s a scam, not a 1-star review Feedly Summary: Phishers check in, your credentials check out, Microsoft warns An ongoing phishing campaign disguised as a Booking.com email casts keystroke and credential-stealing malware into hospitality employees’ inboxes for financial fraud and theft, according…

Microsoft Security Blog: New XCSSET malware adds new obfuscation, persistence techniques to infect Xcode projects

Mar 11, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.microsoft.com/en-us/security/blog/2025/03/11/new-xcsset-malware-adds-new-obfuscation-persistence-techniques-to-infect-xcode-projects/ Source: Microsoft Security Blog Title: New XCSSET malware adds new obfuscation, persistence techniques to infect Xcode projects Feedly Summary: Microsoft Threat Intelligence has uncovered a new variant of XCSSET, a sophisticated modular macOS malware that infects Xcode projects, in the wild. Its first known variant since 2022, this latest XCSSET malware features…

Slashdot: Microsoft Admits GitHub Hosted Malware That Infected Almost a Million Devices

Mar 10, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://it.slashdot.org/story/25/03/10/1652235/microsoft-admits-github-hosted-malware-that-infected-almost-a-million-devices?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Microsoft Admits GitHub Hosted Malware That Infected Almost a Million Devices Feedly Summary: AI Summary and Description: Yes Summary: Microsoft has identified a malvertising campaign that exposed nearly a million devices to malware, linking infected users to malicious websites through redirectors from pirate video streaming sites. This highlights the…

Microsoft Security Blog: Malvertising campaign leads to info stealers hosted on GitHub

Mar 6, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.microsoft.com/en-us/security/blog/2025/03/06/malvertising-campaign-leads-to-info-stealers-hosted-on-github/ Source: Microsoft Security Blog Title: Malvertising campaign leads to info stealers hosted on GitHub Feedly Summary: Microsoft detected a large-scale malvertising campaign in early December 2024 that impacted nearly one million devices globally. The attack originated from illegal streaming websites embedded with malvertising redirectors and ultimately redirected users to GitHub to deliver…

The Register: China’s Silk Typhoon, tied to US Treasury break-in, now hammers IT and govt targets

Mar 5, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/03/05/china_silk_typhoon_update/ Source: The Register Title: China’s Silk Typhoon, tied to US Treasury break-in, now hammers IT and govt targets Feedly Summary: They’re good at zero-day exploits, too Silk Typhoon, the Chinese government crew believed to be behind the December US Treasury intrusions, has been abusing stolen API keys and cloud credentials in ongoing…

Cloud Blog: Signals of Trouble: Multiple Russia-Aligned Threat Actors Actively Targeting Signal Messenger

Feb 19, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/russia-targeting-signal-messenger/ Source: Cloud Blog Title: Signals of Trouble: Multiple Russia-Aligned Threat Actors Actively Targeting Signal Messenger Feedly Summary: Written by: Dan Black Google Threat Intelligence Group (GTIG) has observed increasing efforts from several Russia state-aligned threat actors to compromise Signal Messenger accounts used by individuals of interest to Russia’s intelligence services. While this…

Microsoft Security Blog: Storm-2372 conducts device code phishing campaign

Feb 14, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.microsoft.com/en-us/security/blog/2025/02/13/storm-2372-conducts-device-code-phishing-campaign/ Source: Microsoft Security Blog Title: Storm-2372 conducts device code phishing campaign Feedly Summary: Microsoft Threat Intelligence Center discovered an active and successful device code phishing campaign by a threat actor we track as Storm-2372. Our ongoing investigation indicates that this campaign has been active since August 2024 with the actor creating lures…

Microsoft Security Blog: The BadPilot campaign: Seashell Blizzard subgroup conducts multiyear global access operation

Feb 12, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.microsoft.com/en-us/security/blog/2025/02/12/the-badpilot-campaign-seashell-blizzard-subgroup-conducts-multiyear-global-access-operation/ Source: Microsoft Security Blog Title: The BadPilot campaign: Seashell Blizzard subgroup conducts multiyear global access operation Feedly Summary: Microsoft is publishing for the first time our research into a subgroup within the Russian state actor Seashell Blizzard and its multiyear initial access operation, tracked by Microsoft Threat Intelligence as the “BadPilot campaign”.…

Microsoft Security Blog: Code injection attacks using publicly disclosed ASP.NET machine keys

Feb 6, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.microsoft.com/en-us/security/blog/2025/02/06/code-injection-attacks-using-publicly-disclosed-asp-net-machine-keys/ Source: Microsoft Security Blog Title: Code injection attacks using publicly disclosed ASP.NET machine keys Feedly Summary: Microsoft Threat Intelligence observed limited activity by an unattributed threat actor using a publicly available, static ASP.NET machine key to inject malicious code and deliver the Godzilla post-exploitation framework. In the course of investigating, remediating, and…

The Register: SonicWall flags critical bug likely exploited as zero-day, rolls out hotfix

Jan 23, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/01/23/sonicwall_critical_bug/ Source: The Register Title: SonicWall flags critical bug likely exploited as zero-day, rolls out hotfix Feedly Summary: Big organizations and governments are main users of these gateways SonicWall is warning customers of a critical vulnerability that was potentially already exploited as a zero-day.… AI Summary and Description: Yes Summary: SonicWall has issued…

Tag: Microsoft Threat Intelligence