Widespread credential phishing campaign abuses open redirector links

Microsoft has been actively tracking a widespread credential phishing campaign that abuses open redirector links: the link a recipient sees and hovers over sits on a trusted domain, while the eventual malicious destination is carried in a URL parameter that the trusted site redirects to.
The post Widespread credential phishing campaign abuses open redirector links appeared first on Microsoft Security Blog. READ MORE HERE…
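The redirector shape described above can be checked mechanically: parse the query string, look for values that are themselves absolute URLs, follow any chained redirectors, and compare where the chain ends with the host the user sees. The following is an added example, not code from the Microsoft post; the hosts trusted.example, cdn.example and evil.example and the sample links are constructed for illustration.

```python
"""Spot open-redirector links: a URL on a trusted host whose query string carries
the real destination. Added example, not code from the Microsoft post; the hosts
trusted.example, cdn.example and evil.example are constructed for illustration."""
from urllib.parse import parse_qsl, unquote, urlparse


def registrable(host: str) -> str:
    """Crude registrable-domain approximation (last two labels). A production
    detector should use the Public Suffix List instead."""
    return ".".join(host.lower().split(".")[-2:])


def embedded_urls(link: str, max_depth: int = 3) -> list:
    """Return (parameter, host) for every query value that is itself an absolute
    http(s) URL, following chained redirectors up to max_depth levels."""
    found = []
    for name, value in parse_qsl(urlparse(link).query, keep_blank_values=True):
        candidate = unquote(value)  # parse_qsl decoded once; this also catches double encoding
        inner = urlparse(candidate)
        if inner.scheme in ("http", "https") and inner.hostname:
            found.append((name, inner.hostname))
            if max_depth > 1:
                found.extend(embedded_urls(candidate, max_depth - 1))
    return found


def classify(link: str) -> dict:
    """Compare the host a user sees (or hovers over) with where the chain ends."""
    visible = urlparse(link).hostname or ""
    chain = embedded_urls(link)
    final = chain[-1][1] if chain else visible
    return {
        "visible_host": visible,
        "final_host": final,
        "chain": chain,
        # Same-site return URLs are normal; a foreign final host is the phishing shape.
        "redirector": bool(chain) and registrable(final) != registrable(visible),
    }


# Constructed sample links: foreign target, same-site return URL, no redirect, chained redirect.
SAMPLES = [
    "https://trusted.example/redirect?url=https%3A%2F%2Fevil.example%2Flogin",
    "https://trusted.example/login?returnUrl=https://trusted.example/home",
    "https://trusted.example/search?q=hello",
    "https://trusted.example/r?u=https%3A%2F%2Fcdn.example%2Fgo%3Fnext%3Dhttps%253A%252F%252Fevil.example%252Fsignin",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(classify(sample))
```

The check deliberately treats a same-site return URL as benign, since login flows use those legitimately; the signal is a final host whose registrable domain differs from the visible one. The last-two-labels approximation of the registrable domain is wrong for suffixes such as co.uk, so a real detector should consult the Public Suffix List.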

Trend-spotting email techniques: How modern phishing emails hide in plain sight

By spotting trends in the techniques used by attackers in phishing attacks, we can swiftly respond to attacks and use the knowledge to improve customer security and build comprehensive protections through Microsoft Defender for Office 365 and other solutions.

Spotting brand impersonation with Swin transformers and Siamese neural networks

Our security solutions use multiple detection and prevention techniques to help users avoid divulging sensitive information to phishers as attackers continue refining their impersonation tricks. In this blog, we discuss our latest innovation toward developing another detection layer focusing on the visual components of brand impersonation attacks.

When coin miners evolve, Part 2: Hunting down LemonDuck and LemonCat attacks

LemonDuck is an actively updated and robust malware primarily known for its botnet and cryptocurrency mining objectives. Today, beyond using resources for its traditional bot and mining activities, LemonDuck steals credentials, removes security controls, spreads via emails, moves laterally, and ultimately drops more tools for human-operated activity.

BazaCall: Phony call centers lead to exfiltration and ransomware

Our continued investigation into BazaCall campaigns, those that use fraudulent call centers that trick unsuspecting users into downloading the BazaLoader malware, shows that this threat is more dangerous than what’s been discussed publicly in other security blogs and covered by the media.

Combing through the fuzz: Using fuzzy hashing and deep learning to counter malware detection evasion techniques

A new approach for malware classification combines deep learning with fuzzy hashing. Fuzzy hashes identify similarities among malicious files and a deep learning methodology inspired by natural language processing (NLP) better identifies similarities that actually matter, improving detection quality and scale of deployment.
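Why a fuzzy hash survives the small edits that defeat a cryptographic hash is easiest to see in code. The following is an added example of context-triggered piecewise hashing (the idea behind ssdeep-style fuzzy hashes) reduced to its essentials; it is not Microsoft's classifier or the ssdeep library, and the three "files" are constructed byte strings.

```python
"""Context-triggered piecewise hashing (CTPH), the idea behind ssdeep-style fuzzy
hashes, reduced to its essentials. Added example, not Microsoft's classifier or the
ssdeep library; the three "files" below are constructed byte strings."""
import hashlib
import random
from difflib import SequenceMatcher

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
WINDOW = 7  # the rolling hash sees only the last WINDOW bytes, so piece boundaries are local


def piece_char(piece: bytes) -> str:
    """One signature character per piece, derived from a strong hash of the piece."""
    digest = hashlib.blake2b(piece, digest_size=1).digest()[0]
    return ALPHABET[digest % 64]


def fuzzy_hash(data: bytes, block_size: int = 64) -> str:
    """Cut data into pieces wherever the rolling hash hits a trigger value and emit
    one character per piece. An insertion disturbs only the pieces it touches."""
    signature = []
    start = 0
    for i in range(len(data)):
        rolling = sum(data[max(0, i - WINDOW + 1):i + 1])  # toy rolling hash: window byte sum
        if rolling % block_size == block_size - 1:
            signature.append(piece_char(data[start:i + 1]))
            start = i + 1
    if start < len(data):
        signature.append(piece_char(data[start:]))  # trailing piece
    return f"{block_size}:{''.join(signature)}"


def similarity(h1: str, h2: str) -> float:
    """Score in 0.0..1.0; stands in for ssdeep's edit-distance based score."""
    b1, s1 = h1.split(":", 1)
    b2, s2 = h2.split(":", 1)
    if b1 != b2:
        return 0.0  # signatures are only comparable at the same block size
    return SequenceMatcher(None, s1, s2).ratio()


# Constructed samples: a file, the same file with 50 bytes inserted, and an unrelated file.
_rng = random.Random(2021)
ORIGINAL = bytes(_rng.getrandbits(8) for _ in range(8192))
VARIANT = ORIGINAL[:4000] + bytes(_rng.getrandbits(8) for _ in range(50)) + ORIGINAL[4000:]
UNRELATED = bytes(_rng.getrandbits(8) for _ in range(8192))


def compare(a: bytes, b: bytes) -> dict:
    """Cryptographic hash says only equal/unequal; the fuzzy score says how close."""
    return {
        "sha256_equal": hashlib.sha256(a).digest() == hashlib.sha256(b).digest(),
        "fuzzy_similarity": round(similarity(fuzzy_hash(a), fuzzy_hash(b)), 3),
    }


if __name__ == "__main__":
    print("variant  ", compare(ORIGINAL, VARIANT))
    print("unrelated", compare(ORIGINAL, UNRELATED))
```

Because the trigger depends only on a seven-byte window, every piece before and after the insertion keeps its boundaries and its character, so the variant's signature differs from the original's in only a few positions, while the unrelated file shares almost nothing. Real ssdeep derives the block size from the file length and emits two signatures at adjacent block sizes so that files of different sizes stay comparable; the scoring above uses difflib as a stand-in for its edit-distance score.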

When coin miners evolve, Part 1: Exposing LemonDuck and LemonCat, modern mining malware infrastructure

LemonDuck, an actively updated and robust malware that’s primarily known for its botnet and cryptocurrency mining objectives, adopted more sophisticated behavior and escalated its operations. Today, beyond using resources for its traditional bot and mining activities, LemonDuck steals credentials, removes security controls, spreads via emails, moves laterally, and ultimately drops more tools for human-operated activity.

The evolution of a matrix: How ATT&CK for Containers was built

As containers become a major part of many organizations’ IT workloads, it becomes crucial to consider the unique security threats that target such environments when building security solutions. The first step in this process is understanding the relevant attack landscape.

Protecting customers from a private-sector offensive actor using 0-day exploits and DevilsTongue malware

The Microsoft Threat Intelligence Center (MSTIC) alongside the Microsoft Security Response Center (MSRC) has uncovered a private-sector offensive actor, or PSOA, that we are calling SOURGUM in possession of now-patched, Windows 0-day exploits (CVE-2021-31979 and CVE-2021-33771).

Microsoft delivers comprehensive solution to battle rise in consent phishing emails

Microsoft threat analysts are tracking a continued increase in consent phishing emails, also called illicit consent grants, that abuse OAuth request links in an attempt to trick recipients into granting attacker-owned apps permissions to access sensitive data.
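A consent phishing link is an ordinary OAuth authorization request, so the three things worth reading out of it are who is asking (client_id), what it wants (scope) and where the authorization code goes (redirect_uri). The following is an added example of triaging such a link, not Microsoft's detection logic; the approved client ID, the contoso.example tenant domain and both sample links are constructed for illustration.

```python
"""Triage an OAuth authorization link of the kind used in consent phishing: who is
asking (client_id), for what (scope), and where the code goes (redirect_uri).
Added example, not Microsoft's detection logic. The approved client ID, the
contoso.example domain and the two links are constructed for illustration."""
from urllib.parse import parse_qs, urlparse

AUTHORIZE_HOSTS = {"login.microsoftonline.com", "login.windows.net"}
# Delegated permissions that hand an attacker-owned app persistent mailbox/file access.
HIGH_RISK_SCOPES = {
    "offline_access", "mail.read", "mail.readwrite", "mail.send", "contacts.read",
    "files.read.all", "files.readwrite.all", "mailboxsettings.readwrite",
}
APPROVED_CLIENT_IDS = {"11111111-2222-3333-4444-555555555555"}  # hypothetical admin allowlist
ORG_DOMAINS = {"contoso.example"}                                 # hypothetical tenant domains


def in_org(host: str) -> bool:
    host = host.lower()
    return any(host == d or host.endswith("." + d) for d in ORG_DOMAINS)


def triage_consent_link(link: str) -> dict:
    url = urlparse(link)
    if (url.hostname or "").lower() not in AUTHORIZE_HOSTS or not url.path.endswith("/authorize"):
        return {"is_consent_link": False, "suspicious": False, "reasons": []}
    params = {k: v[0] for k, v in parse_qs(url.query).items()}
    # Scopes may be bare ("Mail.Read") or full resource URIs; keep the last segment.
    scopes = {s.rsplit("/", 1)[-1].lower() for s in params.get("scope", "").split()}
    risky = sorted(scopes & HIGH_RISK_SCOPES)
    redirect_host = urlparse(params.get("redirect_uri", "")).hostname or ""
    reasons = []
    if params.get("client_id", "") not in APPROVED_CLIENT_IDS:
        reasons.append("client_id not in approved apps")
    if risky:
        reasons.append("high-risk scopes: " + " ".join(risky))
    if redirect_host and not in_org(redirect_host):
        reasons.append(f"redirect_uri host {redirect_host} outside organization")
    if params.get("prompt") == "consent":
        reasons.append("forces a consent prompt")
    return {
        "is_consent_link": True,
        "client_id": params.get("client_id", ""),
        "risky_scopes": risky,
        "redirect_host": redirect_host,
        "reasons": reasons,
        "suspicious": bool(reasons),
    }


# Constructed links: an attacker-owned app asking for mailbox and file access, and a normal sign-in.
PHISH_LINK = (
    "https://login.microsoftonline.com/common/oauth2/v2.0/authorize"
    "?client_id=deadbeef-0000-0000-0000-000000000001&response_type=code"
    "&redirect_uri=https%3A%2F%2Fmail-review.example%2Fcallback"
    "&scope=openid%20offline_access%20Mail.Read%20https%3A%2F%2Fgraph.microsoft.com%2FFiles.ReadWrite.All"
    "&prompt=consent"
)
BENIGN_LINK = (
    "https://login.microsoftonline.com/common/oauth2/v2.0/authorize"
    "?client_id=11111111-2222-3333-4444-555555555555&response_type=code"
    "&redirect_uri=https%3A%2F%2Fportal.contoso.example%2Fauth"
    "&scope=openid%20profile%20User.Read"
)

if __name__ == "__main__":
    for link in (PHISH_LINK, BENIGN_LINK):
        print(triage_consent_link(link))
```

The combination that matters is an unknown application asking for offline_access plus mailbox or file scopes with a redirect_uri the organization does not own: that grants the attacker a refresh token for the victim's data without ever capturing a password. Link triage complements, rather than replaces, restricting which apps users may consent to at the tenant level and auditing grants that already exist.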