Active Adversary Playbook 2022 Insights: Web Shells
Credit to Author: gallagherseanm| Date: Wed, 22 Jun 2022 11:00:07 +0000
Public proofs-of-concept of web shell exploits coincide with major spikes in attacks.
Credit to Author: Pieter Arntz| Date: Wed, 22 Jun 2022 09:24:27 +0000
An email campaign lures users with a voicemail notification to enter their Office 365 credentials on a fake login page.
The post Watch out for the email that says “You have a new voicemail!” appeared first on Malwarebytes Labs.
Credit to Author: Paul Oliveria| Date: Tue, 21 Jun 2022 16:00:00 +0000
To disrupt human-operated ransomware attacks as early as possible, we enhanced the AI-based protections in Microsoft Defender for Endpoint with a range of specialized machine learning techniques that swiftly identify and block malicious files, processes, or behavior observed during active attacks.
The post Improving AI-based defenses to disrupt human-operated ransomware appeared first on Microsoft Security Blog.
Credit to Author: Paul Ducklin| Date: Tue, 21 Jun 2022 15:24:24 +0000
It took three years, but the Capital One cracker was convicted in the end. Don’t get caught out in a data breach of your own!
Credit to Author: Pieter Arntz| Date: Tue, 21 Jun 2022 15:49:12 +0000
A researcher has posted a PoC for yet another NTLM relay attack method dubbed DFSCoerce. It is high time to retire NTLM.
The post DFSCoerce, a new NTLM relay attack, can take control over a Windows domain appeared first on Malwarebytes Labs.
Credit to Author: Threat Intelligence Team| Date: Tue, 21 Jun 2022 15:25:09 +0000
Threat actors associated with Russian intelligence are using the fear of nuclear war to spread data-stealing malware in Ukraine.
The post Russia’s APT28 uses fear of nuclear war to spread Follina docs in Ukraine appeared first on Malwarebytes Labs.
Credit to Author: Susan Bradley| Date: Tue, 21 Jun 2022 05:15:00 -0700
So, you finally got around to installing a Windows update from Microsoft, and there’s a problem. Where do you go for support and assistance?
Short answer: it depends.
If you are an Enterprise customer and have an issue with your work computer — whether in the office or remote — there should be a designated IT administrator or help desk for you. You either call the help desk or open a trouble ticket and someone gets back to you. Often, they have tools to remotely connect to your computer and see what’s going on. If the issue is so serious your machine can’t be fixed, they’ll deploy a new computer or reimage your PC using tools such as Autopilot to deploy a fresh copy of Windows for you.
Credit to Author: Christopher Boyd| Date: Tue, 21 Jun 2022 10:45:38 +0000
We look at a new project which uses several techniques to determine which Chrome extensions are being used on a device.
The post You can be tracked online using your Chrome browser extensions appeared first on Malwarebytes Labs.
Credit to Author: Bill Cozens| Date: Tue, 21 Jun 2022 10:04:02 +0000
In this post, we break down 5 times hackers used security vulnerabilities in 2021 to attack governments and businesses.
The post Security vulnerabilities: 5 times that organizations got hacked appeared first on Malwarebytes Labs.
Credit to Author: Christine Barrett| Date: Tue, 21 Jun 2022 06:00:00 +0000
To simplify your IoT security journey, today, we’re announcing the availability of Windows IoT Edge Secured-core devices available in the Azure Certified Device catalog from Lenovo, ASUS and AAEON. Additionally, we’re also announcing the availability of devices that meet the Microsoft sponsored Edge Compute Node protection profile, which is governed with industry oversight, from Scalys and Eurotech. And learn more on Microsoft’s investments in MCU security.
The post Securing your IoT with Edge Secured-core devices appeared first on Microsoft Security Blog.