Microsoft jumps into competitive security service edge (SSE) arena

Microsoft is jumping into the competitive Secure Service Edge (SSE) arena with a software package aimed at protecting its Windows and Azure customers as well as other cloud-based enterprise resources.

The new software is part of Microsoft’s Entra identity and network access suite, and it features two new elements – Entra Internet Access and Entra Private Access – that will control and secure access to cloud-based resources. Those two new pieces, coupled with Microsoft’s existing SaaS-focused cloud-access security broker (CASB), called Microsoft Defender for Cloud Apps, comprise Microsoft’s SSE package.

Nation-state threat actor Mint Sandstorm refines tradecraft to attack high-value targets

Today, Microsoft is reporting on a distinct subset of Mint Sandstorm (formerly known as PHOSPHORUS), an Iranian threat actor that specializes in hacking into and stealing sensitive information from high-value targets. This subset is technically and operationally mature, capable of developing bespoke tooling and quickly weaponizing recently disclosed vulnerabilities.
The post Nation-state threat actor Mint Sandstorm refines tradecraft to attack high-value targets appeared first on Microsoft Security Blog.

DEV-0196: QuaDream’s “KingsPawn” malware used to target civil society in Europe, North America, the Middle East, and Southeast Asia

Microsoft analyzes a threat group tracked as DEV-0196, the actor’s iOS malware “KingsPawn”, and their link to an Israel-based private sector offensive actor (PSOA) known as QuaDream, which reportedly sells a suite of exploits, malware, and infrastructure called REIGN that is designed to exfiltrate data from mobile devices.
The post DEV-0196: QuaDream’s “KingsPawn” malware used to target civil society in Europe, North America, the Middle East, and Southeast Asia appeared first on Microsoft Security Blog.

DEV-1101 enables high-volume AiTM campaigns with open-source phishing kit

DEV-1101 is an actor tracked by Microsoft responsible for the development, support, and advertising of several AiTM phishing kits, including an open-source kit capable of circumventing MFA through reverse-proxy functionality.
The post DEV-1101 enables high-volume AiTM campaigns with open-source phishing kit appeared first on Microsoft Security Blog.

Protecting Android clipboard content from unintended exposure

Microsoft discovered that the SHEIN Android application periodically read the contents of the Android device clipboard and, if a particular pattern was present, sent the contents of the clipboard to a remote server.
The post Protecting Android clipboard content from unintended exposure appeared first on Microsoft Security Blog.

2022 in review: DDoS attack trends and insights

With DDoS attacks becoming more frequent, sophisticated, and inexpensive to launch, it’s important for organizations of all sizes to be proactive and stay protected. In this blog, we detail trends and insights into DDoS attacks we observed and mitigated throughout 2022.
The post 2022 in review: DDoS attack trends and insights appeared first on Microsoft Security Blog.

Gatekeeper’s Achilles heel: Unearthing a macOS vulnerability

Microsoft discovered a vulnerability in macOS, referred to as “Achilles”, allowing attackers to bypass application execution restrictions enforced by the Gatekeeper security mechanism.
The post Gatekeeper’s Achilles heel: Unearthing a macOS vulnerability appeared first on Microsoft Security Blog.