Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

Gun Database Breach Leaks Details on Thousands of Owners

Plus: Indian hacker-for-hire groups, Chinese student espionage efforts, and more.

Wired
Open in Source
#android#windows#apple#google#microsoft#git#chrome
ICYMI: A Microsoft Warning, Follina, Atlassian, and More

Dark Reading's digest of the other don't-miss stories of the week, including YouTube account takeovers and a sad commentary on cyber-pro hopelessness.

Google cracks down on sites with ties to hack-for-hire groups in UAE, Russia, India

By Deeba Ahmed Currently, over 30 sites have been marked as malicious by Google’s Safe Browsing feature. Google TAG (Threat Analysis… This is a post from HackRead.com Read the original post: Google cracks down on sites with ties to hack-for-hire groups in UAE, Russia, India

Microsoft Warns About Evolving Capabilities of Toll Fraud Android Malware Apps

Microsoft has detailed the evolving capabilities of toll fraud malware apps on Android, pointing out its "complex multi-step attack flow" and an improved mechanism to evade security analysis. Toll fraud belongs to a category of billing fraud wherein malicious mobile applications come with hidden subscription fees, roping in unsuspecting users to premium content without their knowledge or consent

Microsoft Going Big on Identity with the Launch of Entra

With more staff working remotely, identity, authentication, and access (IAA) has never been more important. Microsoft has a new response.

New 'SessionManager' Backdoor Targeting Microsoft IIS Servers in the Wild

A newly discovered malware has been put to use in the wild at least since March 2021 to backdoor Microsoft Exchange servers belonging to a wide range of entities worldwide, with infections lingering in 20 organizations as of June 2022. Dubbed SessionManager, the malicious tool masquerades as a module for Internet Information Services (IIS), a web server software for Windows systems, after

Microsoft Warns of Cryptomining Malware Campaign Targeting Linux Servers

A cloud threat actor group tracked as 8220 has updated its malware toolset to breach Linux servers with the goal of installing crypto miners as part of a long-running campaign. "The updates include the deployment of new versions of a crypto miner and an IRC bot," Microsoft Security Intelligence said in a series of tweets on Thursday. "The group has actively updated its techniques and payloads

Exchange Servers Backdoored Globally by SessionManager

Malicious ISS module exploitation is the latest trend among threat actors targeting Exchange servers, analysts say.

Critical ManageEngine ADAudit Plus Vulnerability Allows Network Takeover, Mass Data Exfiltration

An unauthenticated remote code execution vulnerability found in Zoho’s compliance tool could leave organizations exposed to an information disclosure catastrophe, new analysis shows.

Immigration organisations targeted by APT group Evilnum

Immigration organisations are being targeted by the APT group Evilnum, using spear phishing to send malicious Word documents. The post Immigration organisations targeted by APT group Evilnum appeared first on Malwarebytes Labs.