Microsoft

Credit to Author: Microsoft Threat Intelligence| Date: Thu, 08 Jun 2023 16:00:00 +0000

Microsoft Defender Experts observed a multi-stage adversary-in-the-middle (AiTM) and business email compromise (BEC) attack targeting banking and financial services organizations over two days. This attack originated from a compromised trusted vendor, involved AiTM and BEC attacks across multiple supplier/partner organizations for financial fraud, and did not use a reverse proxy like typical AiTM attacks.

The post Detecting and mitigating a multi-stage AiTM phishing and BEC campaign appeared first on Microsoft Security Blog.

Credit to Author: Irina Nechaeva| Date: Wed, 07 Jun 2023 16:00:00 +0000

Join us at the digital event Reimagine secure access with Microsoft Entra to explore how to make identity your first line of defense and to hear about innovative products.

The post Join our digital event to learn what’s new in Microsoft Entra appeared first on Microsoft Security Blog.

Credit to Author: Microsoft Threat Intelligence| Date: Tue, 30 May 2023 16:00:00 +0000

A new vulnerability, which we refer to as “Migraine”, could allow an attacker with root access to bypass System Integrity Protection (SIP) in macOS and perform arbitrary operations on a device.

The post New macOS vulnerability, Migraine, could bypass System Integrity Protection appeared first on Microsoft Security Blog.

Credit to Author: Microsoft Threat Intelligence| Date: Wed, 24 May 2023 19:00:00 +0000

Chinese state-sponsored actor Volt Typhoon is using stealthy techniques to target US critical infrastructure, conduct espionage, and dwell in compromised environments.

The post Volt Typhoon targets US critical infrastructure with living-off-the-land techniques appeared first on Microsoft Security Blog.