Is Russia regrouping for renewed cyberwar?

As of late November 2022, Microsoft and other security firms identified a new form of ransomware, called “Sullivan”, deployed against Ukrainian targets, in addition to the “Prestige” ransomware Russia deployed in Ukraine and Poland in October 2022.

Defending against the new ransomware landscape

The endless list of stolen credentials available online means that without basic defenses like multifactor authentication (MFA), organizations are at a disadvantage in combating ransomware’s infiltration routes before the malware deployment stage.

TrickBot Malware Exploiting MikroTik Routers for its Command-and-Control Infrastructure

Trickbot uses MikroTik devices to create a line of communication between the Trickbot-affected device and the C2 server that standard defense systems in the network are not able to detect.
October 25, 2021

Microsoft Says SolarWinds Hackers Compromised 14 Technology Providers to Piggyback on Customer Access

This time, Nobelium is attacking a different part of the supply chain: resellers and other technology service providers that customize, deploy and manage various technologies for their customers.

Spotting brand impersonation with Swin transformers and Siamese neural networks

Using a combination of ML techniques, Microsoft developed a detection system that outperforms all visual fingerprint-based benchmarks on all metrics while maintaining a 90% hit rate.

BazaCall: Phony call centers lead to exfiltration and ransomware

If a target recipient does decide to call the phone number indicated in the email, they will speak with a real person from a fraudulent call center set up by BazaCall’s operators.

Microsoft Teams gets more Phishing Protection!

Microsoft announced that Microsoft Teams users can now stay protected from malicious link-based phishing attacks using Safe Links in Microsoft Defender for Office 365.

Fighting an emerging cybercrime trend involving imposter domains

On July 16, Microsoft’s Digital Crimes Unit (DCU) again secured a court order to take down malicious infrastructure used by cybercriminals to target users of the Office 365 suite.

Microsoft details the rise in consent phishing emails and potential mitigations

Microsoft has tracked an increase in consent phishing emails that abuse OAuth request links in an attempt to trick recipients into granting attacker-owned apps permissions to access sensitive data.

Microsoft acquires ReFirm Labs to enhance IoT security

ReFirm’s firmware analysis technology will advance Microsoft’s capabilities to help secure IoT and OT devices via Azure Defender for IoT, which was recently enhanced with the acquisition of CyberX.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing, end-to-end automation and 360-degree threat response.
