Government Archives - ThreatsHub Cybersecurity News

Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials

April 22, 2024 TH Author Blizzard, elevation of privilege, Forest Blizzard (STRONTIUM), Government, Non-governmental organizations (NGOs), Windows

Since 2019, Forest Blizzard has used a custom post-compromise tool to exploit a vulnerability in the Windows Print Spooler service that allows elevated permissions. Microsoft has issued a security update addressing this vulnerability as CVE-2022-38028.
The post Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

Staying ahead of threat actors in the age of AI

February 14, 2024 TH Author Blizzard, Forest Blizzard (STRONTIUM), Government, MITRE ATT&CK, Non-governmental organizations (NGOs), Sandstorm, Sleet, Typhoon

Microsoft, in collaboration with OpenAI, is publishing research on emerging threats in the age of AI, focusing on identified activity associated with known threat actors Forest Blizzard, Emerald Sleet, Crimson Sandstorm, and others. The observed activity includes prompt-injections, attempted misuse of large language models (LLM), and fraud.
The post Staying ahead of threat actors in the age of AI appeared first on Microsoft Security Blog. READ MORE HERE…

Threatpost

Reality Winner, N.S.A. Contractor, Sentenced to 5+ Years in Leak Case

June 28, 2018 TH Author Critical Infrastructure, Election Hacking, Government, Hacks, leaking, local officials, meddling, plea deal, Prison Sentence, reality winner, russia, sentencing

A former National Security Agency contractor pleaded guilty Tuesday to espionage, becoming the first person to be prosecuted under the Trump administration for leaking classified information. READ MORE HERE…

Threatpost

UK Tax Agency Collects 5.1M Biometric Voice IDs, May Violate GDPR

June 25, 2018 TH Author 5.1 million, big brother watch, consent, GDPR, Government, hmrc, Privacy, right to erasure, Security, tax agency, violation, voice id, voiceprint

The agency doesn’t ask for explicit consent to collect the voiceprints; and, the deletion and erasure process lacks transparency. READ MORE HERE…

Threatpost

Supreme Court Bolsters Mobile-Phone Privacy Rights

June 22, 2018 TH Author Carpenter v. United States, Fourth Amendment, Government, Mobile Security, Privacy, Securus Technologies, Sen. Ron Wyden, Timothy Ivory Carpenter, U.S. Supreme Court

Supreme Court decision requires law enforcement to obtain a warrant to gain access to cellphone records for tracking citizens. READ MORE HERE…

Threatpost

FBI’s BEC Crackdown Leads To 74 Arrests Globally

June 12, 2018 TH Author BEC, Business Email Compromise, cyber arrest, FBI, Government, Hacks, Nigerian scammer, scam, scammers, Web Security

The operation also resulted in the seizure of nearly $2.4 million and the recovery of about $14 million in fraudulent wire transfers, said the FBI. READ MORE HERE…

Threatpost

Report: Chinese Hackers Siphon Off ‘Massive’ Amounts of Undersea Military Data

June 11, 2018 TH Author China, Critical Infrastructure, Cryptography, espionage, Featured, Government, Hackers, Hacks, military contractor, military secrets, navy, sea dragon, submarines, undersea

The stolen data included “secret plans to develop a supersonic anti-ship missile for use on U.S. submarines by 2020,” American officials said. READ MORE HERE…

Threatpost

Google Tackles AI Principles: Is It Enough?

June 8, 2018 TH Author AI, artificial intelligence, EFF, Electronic Frontier Foundation, Google, Government, harmful applications, Privacy, robot, seven principles, unintended consequences

AI offers an immense capacity for good — and for unintended consequences. READ MORE HERE…

Threatpost

ICANN Launches GDPR Lawsuit to Clarify the Future of WHOIS

May 31, 2018 TH Author contact information, epag, EU, GDPR, Germany, Government, ICANN, internet domains, lawsuit, Privacy, registrar, WHOIS

WHOIS, the searchable “phonebook” of contact data for internet domains, may violate GDPR — or it may not. A lawsuit seeks to find out which it is. READ MORE HERE…

Threatpost

Hidden Cobra Strikes Again with Custom RAT, SMB Malware

May 30, 2018 TH Author alert, Attacks, brambul, Critical Infrastructure, DHS, FBI, Government, Hidden Cobra, joanap, Lazarus Group, Malware, RAT, SMB, US-CERT

The North Korean-sponsored actors are targeting sensitive and proprietary information, and the malware could disrupt regular operations and disable systems and files. READ MORE HERE…

← Previous