Blizzard Archives - ThreatsHub Cybersecurity News

Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials

April 22, 2024 TH Author Blizzard, elevation of privilege, Forest Blizzard (STRONTIUM), Government, Non-governmental organizations (NGOs), Windows

Since 2019, Forest Blizzard has used a custom post-compromise tool to exploit a vulnerability in the Windows Print Spooler service that allows elevated permissions. Microsoft has issued a security update addressing this vulnerability as CVE-2022-38028.
The post Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

Staying ahead of threat actors in the age of AI

February 14, 2024 TH Author Blizzard, Forest Blizzard (STRONTIUM), Government, MITRE ATT&CK, Non-governmental organizations (NGOs), Sandstorm, Sleet, Typhoon

Microsoft, in collaboration with OpenAI, is publishing research on emerging threats in the age of AI, focusing on identified activity associated with known threat actors Forest Blizzard, Emerald Sleet, Crimson Sandstorm, and others. The observed activity includes prompt-injections, attempted misuse of large language models (LLM), and fraud.
The post Staying ahead of threat actors in the age of AI appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

Star Blizzard increases sophistication and evasion in ongoing attacks

December 7, 2023 TH Author Blizzard, Credential Theft, Star Blizzard (SEABORGIUM), State-sponsored threat actor

Microsoft Threat Intelligence continues to track and disrupt malicious activity attributed to a Russian state-sponsored actor we track as Star Blizzard, who has improved their detection evasion capabilities since 2022 while remaining focused on email credential theft against targets.
The post Star Blizzard increases sophistication and evasion in ongoing attacks appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

Microsoft shares threat intelligence at CYBERWARCON 2023

November 9, 2023 TH Author Blizzard, Sandstorm, Tsunami, Typhoon

At the CYBERWARCON 2023 conference, Microsoft and LinkedIn analysts are presenting several sessions detailing analysis across multiple sets of threat actors and related activity, demonstrating Microsoft Threat Intelligence’s ongoing efforts to track threat actors, protect customers, and share information with the wider security community.
The post Microsoft shares threat intelligence at CYBERWARCON 2023 appeared first on Microsoft Security Blog. READ MORE HERE…