Microsoft Threat Intelligence – Page 2 – Experimental News Clipping Site

Microsoft Security Blog: Lumma Stealer: Breaking down the delivery techniques and capabilities of a prolific infostealer

May 21, 2025

—

by

Source URL: https://www.microsoft.com/en-us/security/blog/2025/05/21/lumma-stealer-breaking-down-the-delivery-techniques-and-capabilities-of-a-prolific-infostealer/ Source: Microsoft Security Blog Title: Lumma Stealer: Breaking down the delivery techniques and capabilities of a prolific infostealer Feedly Summary: Over the past year, Microsoft Threat Intelligence observed the persistent growth and operational sophistication of Lumma Stealer, an info-stealing malware used by multiple financially motivated threat actors to target various industries. Microsoft,…

Microsoft Security Blog: Marbled Dust leverages zero-day in Output Messenger for regional espionage

May 12, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.microsoft.com/en-us/security/blog/2025/05/12/marbled-dust-leverages-zero-day-in-output-messenger-for-regional-espionage/ Source: Microsoft Security Blog Title: Marbled Dust leverages zero-day in Output Messenger for regional espionage Feedly Summary: Since April 2024, the threat actor that Microsoft Threat Intelligence tracks as Marbled Dust has been observed exploiting user accounts that have not applied fixes to a zero-day vulnerability (CVE-2025-27920) in the messaging app Output…

Microsoft Security Blog: Understanding the threat landscape for Kubernetes and containerized assets

Apr 23, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.microsoft.com/en-us/security/blog/2025/04/23/understanding-the-threat-landscape-for-kubernetes-and-containerized-assets/ Source: Microsoft Security Blog Title: Understanding the threat landscape for Kubernetes and containerized assets Feedly Summary: The dynamic nature of containers can make it challenging for security teams to detect runtime anomalies or pinpoint the source of a security incident, presenting an opportunity for attackers to stay undetected. Microsoft Threat Intelligence has…

Microsoft Security Blog: Exploitation of CLFS zero-day leads to ransomware activity

Apr 8, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.microsoft.com/en-us/security/blog/2025/04/08/exploitation-of-clfs-zero-day-leads-to-ransomware-activity/ Source: Microsoft Security Blog Title: Exploitation of CLFS zero-day leads to ransomware activity Feedly Summary: Microsoft Threat Intelligence Center (MSTIC) and Microsoft Security Response Center (MSRC) have discovered post-compromise exploitation of a newly discovered zero-day vulnerability in the Windows Common Log File System (CLFS) against a small number of targets. Microsoft released…

Microsoft Security Blog: Phishing campaign impersonates Booking .com, delivers a suite of credential-stealing malware

Mar 13, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.microsoft.com/en-us/security/blog/2025/03/13/phishing-campaign-impersonates-booking-com-delivers-a-suite-of-credential-stealing-malware/ Source: Microsoft Security Blog Title: Phishing campaign impersonates Booking .com, delivers a suite of credential-stealing malware Feedly Summary: Starting in December 2024, leading up to some of the busiest travel days, Microsoft Threat Intelligence identified a phishing campaign that impersonates online travel agency Booking.com and targets organizations in the hospitality industry. The…

The Register: That ‘angry guest’ email from Booking.com? It’s a scam, not a 1-star review

Mar 13, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/03/13/bookingdotcom_phishing_campaign/ Source: The Register Title: That ‘angry guest’ email from Booking.com? It’s a scam, not a 1-star review Feedly Summary: Phishers check in, your credentials check out, Microsoft warns An ongoing phishing campaign disguised as a Booking.com email casts keystroke and credential-stealing malware into hospitality employees’ inboxes for financial fraud and theft, according…

Microsoft Security Blog: New XCSSET malware adds new obfuscation, persistence techniques to infect Xcode projects

Mar 11, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.microsoft.com/en-us/security/blog/2025/03/11/new-xcsset-malware-adds-new-obfuscation-persistence-techniques-to-infect-xcode-projects/ Source: Microsoft Security Blog Title: New XCSSET malware adds new obfuscation, persistence techniques to infect Xcode projects Feedly Summary: Microsoft Threat Intelligence has uncovered a new variant of XCSSET, a sophisticated modular macOS malware that infects Xcode projects, in the wild. Its first known variant since 2022, this latest XCSSET malware features…

Slashdot: Microsoft Admits GitHub Hosted Malware That Infected Almost a Million Devices

Mar 10, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://it.slashdot.org/story/25/03/10/1652235/microsoft-admits-github-hosted-malware-that-infected-almost-a-million-devices?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Microsoft Admits GitHub Hosted Malware That Infected Almost a Million Devices Feedly Summary: AI Summary and Description: Yes Summary: Microsoft has identified a malvertising campaign that exposed nearly a million devices to malware, linking infected users to malicious websites through redirectors from pirate video streaming sites. This highlights the…

Microsoft Security Blog: Malvertising campaign leads to info stealers hosted on GitHub

Mar 6, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.microsoft.com/en-us/security/blog/2025/03/06/malvertising-campaign-leads-to-info-stealers-hosted-on-github/ Source: Microsoft Security Blog Title: Malvertising campaign leads to info stealers hosted on GitHub Feedly Summary: Microsoft detected a large-scale malvertising campaign in early December 2024 that impacted nearly one million devices globally. The attack originated from illegal streaming websites embedded with malvertising redirectors and ultimately redirected users to GitHub to deliver…

The Register: China’s Silk Typhoon, tied to US Treasury break-in, now hammers IT and govt targets

Mar 5, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/03/05/china_silk_typhoon_update/ Source: The Register Title: China’s Silk Typhoon, tied to US Treasury break-in, now hammers IT and govt targets Feedly Summary: They’re good at zero-day exploits, too Silk Typhoon, the Chinese government crew believed to be behind the December US Treasury intrusions, has been abusing stolen API keys and cloud credentials in ongoing…

Tag: Microsoft Threat Intelligence