China's Webworm Uses Discord, Microsoft Graphs to Hack EU Governments
The advanced persistent threat group also relied on SOCKS proxies like SoftEther VPN, tunneling tools that act as a middleman between victim and attacker.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
The advanced persistent threat group also relied on SOCKS proxies like SoftEther VPN, tunneling tools that act as a middleman between victim and attacker.
RedVDS, a cybercrime-as-a-service operation that has stolen millions from victims, lost two domains to a law enforcement operation supported by Microsoft.
A campaign against Microsoft 365 users leverages Quantum Route Redirection, which simplifies previously technical attack steps and has affected victims across 90 countries.
A group linked to Russian intelligence services redirected victims to fake Cloudflare verification pages and exploited Microsoft's device code authentication flow.
The National Treasury of South Africa is among the half-dozen known victims in South Africa — along with other nations — of the mass compromise of on-premises Microsoft SharePoint servers.
Microsoft, PayPal, Docusign, and others are among the trusted brands threat actors use in socially engineered scams that try to get victims to call adversary-controlled phone numbers.
A threat actor has already exploited one of the flaws in a ransomware campaign with victims in the US and other countries.
Trend Micro uncovered a method that nation-state threat actors are using to target victims via the Windows .Ink shortcut file extension.
The emails impersonate well-known companies in the industry, fooling the victim into thinking they are communicating with a legitimate entity.
Though IE was officially retired in June 2022, the vulnerability ramped up in January 2023 and has been going strong since.
An open direct vulnerability in the Nespresso Web domain lets attackers bypass detection as they attempt to steal victims' Microsoft credentials.
Two new code-execution techniques, Poison Fiber and Phantom Thread, take advantage of a little-known Windows OS workhorse to sneak shellcode and other malware onto victim machines.
Attackers are breaching cloud environments and playing games with corporate Microsoft 365 apps, and further victims are likely to come.
Russian state-sponsored threat actor Nobelium used a basic password-spray attack to breach Microsoft corporate email accounts, including for execs.
Sophisticated Windows and Linux malware for stealing data and conducting cyber espionage has flown under the radar, disguised as a cryptominer.
The sophisticated APT employs various tactics to abuse Windows and other built-in protocols with both custom and public malware to take over victim systems.
Organizations should brace for mass exploitation of CVE-2023-22515, an uber-critical security bug that opens the door to crippling supply chain attacks on downstream victims.
Attackers use legitimate Windows installer to hide malicious scripts that install a backdoor and miners that leverage victims' graphics processing power.
A secretive phishing cabal boasts a sophisticated affiliate network and a modular, custom toolset that's claiming victims on three continents.
Some billion-dollar organizations have already been identified as victims of the prolific ransomware group's latest exploit, amidst ongoing attacks.