Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

Iranian Government-Backed Hackers Targeting U.S. Energy and Transit Systems

An Iranian government-backed actor known as Mint Sandstorm has been linked to attacks aimed at critical infrastructure in the U.S. between late 2021 to mid-2022. "This Mint Sandstorm subgroup is technically and operationally mature, capable of developing bespoke tooling and quickly weaponizing N-day vulnerabilities, and has demonstrated agility in its operational focus, which appears to align

The Hacker News
Open in Source
#vulnerability#web#microsoft#intel#backdoor#The Hacker News
NSO Group Is Back in Business With 3 New iOS Zero-Click Exploits

An investigation concludes that NSO Group was hired in 2022 to deploy Pegasus spyware against human rights workers in Mexico and other targets.

Giving a Face to the Malware Proxy Service ‘Faceless’

For the past seven years, a malware-based proxy service known as "Faceless" has sold anonymity to countless cybercriminals. For less than a dollar per day, Faceless customers can route their malicious traffic through tens of thousands of compromised systems advertised on the service. In this post we'll examine clues left behind over the past decade by the proprietor of Faceless, including some that may help put a face to the name.

'Zaraza' Bot Targets Google Chrome to Extract Login Credentials

The data-stealing malware threatens the cyber safety of individual and organizational privacy by infecting a range of Web browsers.

Beyond CVEs: The Key to Mitigating High-Risk Security Exposures

Use ongoing exposure management to parse the riskiest exposures and probable attack paths, then identify and plug the choke points.

How Zero Trust Can Protect Systems Against Generative AI Agents

Researchers explore a love-hate relationship with AI tools like ChatGPT, which can be used to both attack and defend more efficiently.

Recycled Core Routers Expose Sensitive Corporate Network Info

Researchers are warning about a dangerous wave of unwiped, secondhand core-routers found containing corporate network configurations, credentials, and application and customer data.

Iranian Hackers Using SimpleHelp Remote Support Software for Persistent Access

The Iranian threat actor known as MuddyWater is continuing its time-tested tradition of relying on legitimate remote administration tools to commandeer targeted systems. While the nation-state group has previously employed ScreenConnect, RemoteUtilities, and Syncro, a new analysis from Group-IB has revealed the adversary's use of the SimpleHelp remote support software in June 2022. MuddyWater,

Microsoft Vulnerability Severity Classification for Online Services Publication

The Microsoft Security Response Center (MSRC) is always looking for ways to provide clarity and transparency around how we assess the impact of vulnerabilities reported in our products and services. We have published a new Microsoft Vulnerability Severity Classification for Online Services to provide additional information about our approach to online services and web applications.

マイクロソフトのオンラインサービスにおける、脆弱性の深刻度分類の公開

本ブログは、Microsoft Vulnerability Severity Classification for Online Services Publication の抄訳版です。最新の情報は原文を参照してください。 マイク