Attackers exploiting new critical OpenMetadata vulnerabilities on Kubernetes clusters

Credit to Author: Microsoft Threat Intelligence| Date: Wed, 17 Apr 2024 16:00:00 +0000

Microsoft recently uncovered an attack that exploits new critical vulnerabilities in OpenMetadata to gain access to Kubernetes workloads and leverage them for cryptomining activity.

The post Attackers exploiting new critical OpenMetadata vulnerabilities on Kubernetes clusters appeared first on Microsoft Security Blog.

Read more

Threat actors misuse OAuth applications to automate financially driven attacks

Credit to Author: Microsoft Threat Intelligence| Date: Tue, 12 Dec 2023 18:00:00 +0000

Microsoft Threat Intelligence presents cases of threat actors misusing OAuth applications as automation tools in financially motivated attacks.

The post Threat actors misuse OAuth applications to automate financially driven attacks appeared first on Microsoft Security Blog.

Read more

In hot pursuit of ‘cryware’: Defending hot wallets from attacks

Credit to Author: Paul Oliveria| Date: Tue, 17 May 2022 16:00:00 +0000

The rise in cryptocurrency market capitalization paved the way to the emergence of threats Microsoft security researchers are referring to as “cryware”—information stealers focused on gathering and exfiltrating data from non-custodial cryptocurrency wallets.

The post In hot pursuit of ‘cryware’: Defending hot wallets from attacks appeared first on Microsoft Security Blog.

Read more