Cybersecurity Archives - Page 2 of 75 - ThreatsHub Cybersecurity News

Microsoft shifts to a new threat actor naming taxonomy

April 18, 2023 TH Author Cybersecurity, Microsoft security intelligence, nation-state actor, private-sector offensive actor (PSOA), threat actor tracking

Microsoft is excited to announce that we are shifting to a new threat actor naming taxonomy aligned to the theme of weather. The complexity, scale, and volume of threats is increasing, driving the need to reimagine not only how Microsoft talks about threats but also how we enable customers to understand those threats quickly and with clarity.
The post Microsoft shifts to a new threat actor naming taxonomy appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

Nation-state threat actor Mint Sandstorm refines tradecraft to attack high-value targets

April 18, 2023 TH Author Cybersecurity, Microsoft, Microsoft security intelligence, Mint Sandstorm, nation-state actor, Phosphorus, Security

Today, Microsoft is reporting on a distinct subset of Mint Sandstorm (formerly known as PHOSPHORUS), an Iranian threat actor that specializes in hacking into and stealing sensitive information from high-value targets. This subset is technically and operationally mature, capable of developing bespoke tooling and quickly weaponizing recently disclosed vulnerabilities.
The post Nation-state threat actor Mint Sandstorm refines tradecraft to attack high-value targets appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

Protect intellectual property with Govern 365 and Microsoft Purview

April 17, 2023 TH Author Cybersecurity, Microsoft Intelligent Security Association (MISA)

Learn how to secure sensitive information within your global supply chain with Netwoven Govern 365 and Microsoft Purview Information Protection.
The post Protect intellectual property with Govern 365 and Microsoft Purview appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

See product news and on-demand sessions from Microsoft Secure

April 17, 2023 TH Author AI and machine learning, Cybersecurity, Security strategies

Microsoft Secure on March 28, 2023, was a major success, thanks to more than 51,000 virtual attendees. It’s not too late to watch a session you missed. Watch on-demand.
The post See product news and on-demand sessions from Microsoft Secure appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

Threat actors strive to cause Tax Day headaches

April 13, 2023 TH Author Cybersecurity, Microsoft Defender for Office 365, Microsoft security intelligence, Phishing

With U.S. Tax Day approaching, Microsoft has observed phishing attacks targeting accounting and tax return preparation firms to deliver the Remcos RAT and compromise target networks.
The post Threat actors strive to cause Tax Day headaches appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

Improve supply chain security and resiliency with Microsoft

April 13, 2023 TH Author Cybersecurity, Identity and access management series, IoT, IoT security series, Security management, Security strategies

The Microsoft Supply Chain Platform was just launched to help companies protect their supply chains against cyber threats.
The post Improve supply chain security and resiliency with Microsoft appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

LinkedIn and Microsoft Entra introduce a new way to verify your workplace

April 12, 2023 TH Author Cybersecurity, Identity and access management, Identity and access management series

LinkedIn members can use a Microsoft Entra Verified ID credential issued from their organization to verify their workplace on their public profile and add instant credibility, increasing trust and confidence in interactions.
The post LinkedIn and Microsoft Entra introduce a new way to verify your workplace appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

Guidance for investigating attacks using CVE-2022-21894: The BlackLotus campaign

April 11, 2023 TH Author BlackLotus, bootkit, CVE-2022-21894, Cybersecurity, Microsoft Detection and Response Team (DART), UEFI

This guide provides steps that organizations can take to assess whether users have been targeted or compromised by threat actors exploiting CVE-2022-21894 via a Unified Extensible Firmware Interface (UEFI) bootkit called BlackLotus.
The post Guidance for investigating attacks using CVE-2022-21894: The BlackLotus campaign appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

DEV-0196: QuaDream’s “KingsPawn” malware used to target civil society in Europe, North America, the Middle East, and Southeast Asia

April 11, 2023 TH Author Cybersecurity, Microsoft, Microsoft security intelligence, Mobile, private-sector offensive actor (PSOA), Security

Microsoft analyzes a threat group tracked as DEV-0196, the actor’s iOS malware “KingsPawn”, and their link to an Israel-based private sector offensive actor (PSOA) known as QuaDream, which reportedly sells a suite of exploits, malware, and infrastructure called REIGN, that’s designed to exfiltrate data from mobile devices.
The post DEV-0196: QuaDream’s “KingsPawn” malware used to target civil society in Europe, North America, the Middle East, and Southeast Asia appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

MERCURY and DEV-1084: Destructive attack on hybrid environment

April 7, 2023 TH Author Cybersecurity, Mercury, Microsoft, Microsoft security intelligence, Security

Microsoft detected a unique operation where threat actors carried out destructive actions in both on-premises and cloud environments.
The post MERCURY and DEV-1084: Destructive attack on hybrid environment appeared first on Microsoft Security Blog. READ MORE HERE…