China's Webworm Uses Discord, Microsoft Graphs to Hack EU Governments
The advanced persistent threat group also relied on SOCKS proxies like SoftEther VPN, tunneling tools that act as a middleman between victim and attacker.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
The advanced persistent threat group also relied on SOCKS proxies like SoftEther VPN, tunneling tools that act as a middleman between victim and attacker.
A spear-phishing campaign tied to the Democratic People's Republic of Korea (DPRK) uses trusted Microsoft infrastructure to avoid detection.
The notorious Russian state-sponsored hacking unit, also known as Fancy Bear, is abusing Microsoft Outlook for covert data exfiltration.
Microsoft has called the hacker collective one of the most dangerous current cyberthreats.
As enterprises in the world embrace Microsoft's AI assistant, researcher Michael Bargury warns its security is lacking. Check out his News Desk interview during Black Hat USA.
Feds confirmed Iran's involvement in email attack against Roger Stone after Microsoft, Google reported Iranian APT action against both presidential campaigns.
At Black Hat USA, security researcher Michael Bargury released a "LOLCopilot" ethical hacking module to demonstrate how attackers can exploit Microsoft Copilot — and offered advice for defensive tooling.
Microsoft researchers discover an old-timey scam with a facelift for the cloud era: hacking retailers' portals to make it rain gift cards.
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: Dealing with a Ramadan cyber spike; funding Internet security; and Microsoft's Azure AI changes.
A federal review board demanded that the tech giant prioritize its "inadequate" security posture, putting the blame solely on the company for last year's Microsoft 365 breach that allowed China's Storm-0558 to hack the email accounts of key government officials.
The alarming number of cyber threats targeting Microsoft cloud applications shows cybersecurity needs an overhaul.
The Russian APT behind the SolarWinds attacks exfiltrated data from HPE email accounts last May.
Sold for around $5,000 in hacking forums, the BlackLotus UEFI bootkit is capable of targeting even updated systems, researchers find.
Google researchers say the nation-state hacking team is now employing a data-theft tool that targets Gmail, Yahoo!, and Microsoft Outlook accounts using previously acquired credentials.
The attack on Israeli organizations is the latest in a long line of attempts to compromise supply chains, as the APT looks to leverage that access to target a multitude of potential victims.
The operation aimed to disrupt cyber espionage activity a Russian GRU group was using for the Ukraine war.