Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

Unmasking the new persistent attacks on Japan

Cisco Talos has discovered an active exploitation of CVE-2024-4577 by an attacker in order to gain access to the victim's machines and carry out post-exploitation activities.

TALOS
Open in Source
#xss#vulnerability#web#android#mac#windows#microsoft#ubuntu#linux#debian#cisco#apache#git#java#php#rce#alibaba#auth#ssh#docker#ssl
Chinese Silk Typhoon Group Targets IT Tools for Network Breaches

Microsoft warns that Chinese espionage group Silk Typhoon now exploits IT tools like remote management apps and cloud services to breach networks.

US Charges 12 Alleged Spies in China’s Freewheeling Hacker-for-Hire Ecosystem

The Justice Department claims 10 alleged hackers and two Chinese government officials took part in a wave of cyberattacks around the globe that included breaching the US Treasury Department and more.

China-Linked Silk Typhoon Expands Cyber Attacks to IT Supply Chains for Initial Access

The China-lined threat actor behind the zero-day exploitation of security flaws in Microsoft Exchange servers in January 2021 has shifted its tactics to target the information technology (IT) supply chain as a means to obtain initial access to corporate networks. That's according to new findings from the Microsoft Threat Intelligence team, which said the Silk Typhoon (formerly Hafnium) hacking

Hackers Exploit Cloud Misconfigurations to Spread Malware

Veriti Research reveals 40% of networks allow ‘any/any’ cloud access, exposing critical vulnerabilities. Learn how malware like XWorm…

Cisco, Hitachi, Microsoft, and Progress Flaws Actively Exploited—CISA Sounds Alarm

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws impacting software from Cisco, Hitachi Vantara, Microsoft Windows, and Progress WhatsUp Gold to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The list of vulnerabilities is as follows - CVE-2023-20118 (CVSS score: 6.5) - A command injection

Fake IT Support Calls Trick Microsoft Teams Users into Installing Ransomware

Cybercriminals pose as IT support, using fake calls and Microsoft Teams messages to trick users into installing ransomware through email floods and remote access.

New Malware Campaign Exploits Microsoft Graph API to Infect Windows

FortiGuard Labs discovers an advanced attack using modified Havoc Demon and SharePoint. Explore the attack's evasion techniques and security measures.

Hackers Use ClickFix Trick to Deploy PowerShell-Based Havoc C2 via SharePoint Sites

Cybersecurity researchers are calling attention to a new phishing campaign that employs the ClickFix technique to deliver an open-source command-and-control (C2) framework called Havoc. "The threat actor hides each malware stage behind a SharePoint site and uses a modified version of Havoc Demon in conjunction with the Microsoft Graph API to obscure C2 communications within trusted, well-known

Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks

Threat actors have been exploiting a security vulnerability in Paragon Partition Manager's BioNTdrv.sys driver in ransomware attacks to escalate privileges and execute arbitrary code. The zero-day flaw (CVE-2025-0289) is part of a set of five vulnerabilities that was discovered by Microsoft, according to the CERT Coordination Center (CERT/CC). "These include arbitrary kernel memory mapping and