ThreatsHub.org
Microsoft recently uncovered an attack that exploits new critical vulnerabilities in OpenMetadata to gain access to Kubernetes workloads and leverage them for cryptomining activity.
The post Attackers exploiting new critical OpenMetadata vulnerabilities on Kubernetes clusters appeared first on Microsoft Security Blog. READ MORE HERE…
Microsoft Threat Intelligence presents cases of threat actors misusing OAuth applications as automation tools in financially motivated attacks.
The post Threat actors misuse OAuth applications to automate financially driven attacks appeared first on Microsoft Security Blog. READ MORE HERE…
The rise in cryptocurrency market capitalization paved the way to the emergence of threats Microsoft security researchers are referring to as “cryware”—information stealers focused on gathering and exfiltrating data from non-custodial cryptocurrency wallets.
The post In hot pursuit of ‘cryware’: Defending hot wallets from attacks appeared first on Microsoft Security Blog. READ MORE HERE…
Phorpiex, an enduring botnet known for extortion campaigns and for using old-fashioned worms, began diversifying its infrastructure in recent years to become more resilient and to deliver more dangerous payloads. Today, the Phorphiex botnet continues to maintain a large network of bots and generates wide-ranging malicious activities. These activities have expanded to include cryptocurrency mining. Read our in-depth research into this botnet.
The post Phorpiex morphs: How a longstanding botnet persists and thrives in the current threat environment appeared first on Microsoft Security. READ MORE HERE…
BISMUTH, which has been running increasingly complex cyberespionage attacks as early as 2012, deployed Monero coin miners in campaigns from July to August 2020. The group’s use of coin miners was unexpected, but it was consistent with their longtime methods of blending in.
The post Threat actor leverages coin miner techniques to stay under the radar – here’s how to spot them appeared first on Microsoft Security. READ MORE HERE…
In 2017, more than 700 million malware specimens were discovered. In this type of environment, it can be a considerable challenge for enterprises to keep up with the ever-changing threat landscape and ensure their internal protections are sufficient for safeguarding their most critical IT assets and data. After all, with each new day comes a sophisticated…
The post Which specific malware trends should American businesses be prepared for? appeared first on . Read More HERE…
A new software supply chain attack unearthed by Windows Defender Advanced Threat Protection (Windows Defender ATP) emerged as an unusual multi-tier case. Unknown attackers compromised the shared infrastructure in place between the vendor of a PDF editor application and one of its software vendor partners, making the apps legitimate installer the unsuspecting carrier of a Read more READ MORE HERE…
Digital attacks have evolved quite a bit in recent years. First, businesses and researchers observed a rash of ransomware, wherein encryption was exploited to lock users out of their data and files in an attempt to collect financial ransom. Now, the next big wave in cybercriminal strategy has come, involving increasingly popular cryptocurrencies and the…
The post The trend toward cryptojacking: What it is and how businesses can prevent it appeared first on . Read More HERE…
When your computer or mobile device (and now, even your IoT device) is hijacked to secretly mine cryptocurrencies, it’s been cryptojacked and becomes a coinmining zombie. Its CPU, memory, disk, and power are enlisted in varying degrees in the service of the mining botnet, which labors on behalf of those who use it, with other…
The post Don’t Be a Coinmining Zombie – Part 1: Getting Cryptojacked appeared first on . Read More HERE…