As of late November 2022, Microsoft and other security firms identified a new form of ransomware, called “Sullivan”, deployed against Ukrainian targets, in addition to the “Prestige” ransomware Russia deployed in Ukraine and Poland in October 2022.

The endless list of stolen credentials available online means that without basic defenses like multifactor authentication (MFA), organizations are at a disadvantage in combating ransomware’s infiltration routes before the malware deployment stage.

The purpose of Trickbot for using MikroTik devices is to create a line of communication between the Trickbot-affected device and the C2 server that standard defense systems in the network are not able to detect.

This time, Nobelium attacking a different part of the supply chain: resellers and other technology service providers that customize, deploy and manage various technologies for their customers.

Using a combination of ML techniques, Microsoft developed a detection system that outperforms all visual fingerprint-based benchmarks on all metrics while maintaining a 90% hit rate.

If a target recipient does decide to call the phone number indicated in the email, they will speak with a real person from a fraudulent call center set up by BazaCall’s operators.

Microsoft announced that Microsoft Teams users can now stay protected from malicious link-based phishing attacks using the Safe Links in Microsoft Defender for Office 365.

On July 16, Microsoft’s Digital Crimes Unit (DCU) again secured a court order to take down malicious infrastructure used by cybercriminals to target users of the Office 365 suite.

Microsoft has tracked an increase in consent phishing emails that abuse OAuth request links in an attempt to trick recipients into granting attacker-owned apps permissions to access sensitive data.

ReFirm’s firmware analysis technology will advance Microsoft’s capabilities to help secure IoT and OT devices via Azure Defender for IoT which was recently enhanced with the acquisition of CyberX.