Monday, February 10, 2025
Latest:

Microsoft security intelligence

Microsoft Secure
TH Author

Microsoft shifts to a new threat actor naming taxonomy

Microsoft is excited to announce that we are shifting to a new threat actor naming taxonomy aligned to the theme of weather. The complexity, scale, and volume of threats is increasing, driving the need to reimagine not only how Microsoft talks about threats but also how we enable customers to understand those threats quickly and with clarity.
The post Microsoft shifts to a new threat actor naming taxonomy appeared first on Microsoft Security Blog. READ MORE HERE…

Read More
Microsoft Secure
TH Author

Nation-state threat actor Mint Sandstorm refines tradecraft to attack high-value targets

Today, Microsoft is reporting on a distinct subset of Mint Sandstorm (formerly known as PHOSPHORUS), an Iranian threat actor that specializes in hacking into and stealing sensitive information from high-value targets. This subset is technically and operationally mature, capable of developing bespoke tooling and quickly weaponizing recently disclosed vulnerabilities.
The post Nation-state threat actor Mint Sandstorm refines tradecraft to attack high-value targets appeared first on Microsoft Security Blog. READ MORE HERE…

Read More
Microsoft Secure
TH Author

DEV-0196: QuaDream’s “KingsPawn” malware used to target civil society in Europe, North America, the Middle East, and Southeast Asia

Microsoft analyzes a threat group tracked as DEV-0196, the actor’s iOS malware “KingsPawn”, and their link to an Israel-based private sector offensive actor (PSOA) known as QuaDream, which reportedly sells a suite of exploits, malware, and infrastructure called REIGN, that’s designed to exfiltrate data from mobile devices.
The post DEV-0196: QuaDream’s “KingsPawn” malware used to target civil society in Europe, North America, the Middle East, and Southeast Asia appeared first on Microsoft Security Blog. READ MORE HERE…

Read More
Microsoft Secure
TH Author

DevOps threat matrix

In this blog, we discuss threats we face in our DevOps environment, introducing our new threat matrix for DevOps. Using this matrix, we show the different techniques an adversary might use to attack an organization from the initial access phase and forward.
The post DevOps threat matrix appeared first on Microsoft Security Blog. READ MORE HERE…

Read More
Microsoft Secure
TH Author

KillNet and affiliate hacktivist groups targeting healthcare with DDoS attacks

KillNet, a group that the US Department of Health and Human Services (DHHS) has called pro-Russia hacktivists, has been launching waves of attacks targeting governments and companies with focus on the healthcare sector. In this blog post, we provide an overview of the DDoS attack landscape against healthcare applications hosted in Azure over three months.
The post KillNet and affiliate hacktivist groups targeting healthcare with DDoS attacks appeared first on Microsoft Security Blog. READ MORE HERE…

Read More
Microsoft Secure
TH Author

New research, tooling, and partnerships for more secure AI and machine learning

At Microsoft, we’ve been working on the challenges and opportunities of AI for years. Today we’re sharing some recent developments so that the community can be better informed and better equipped for a new world of AI exploration.
The post New research, tooling, and partnerships for more secure AI and machine learning appeared first on Microsoft Security Blog. READ MORE HERE…

Read More