Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials

Credit to Author: Microsoft Threat Intelligence| Date: Mon, 22 Apr 2024 16:00:00 +0000

Since 2019, Forest Blizzard has used a custom post-compromise tool to exploit a vulnerability in the Windows Print Spooler service that allows elevated permissions. Microsoft has issued a security update addressing this vulnerability as CVE-2022-38028.

The post Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials appeared first on Microsoft Security Blog.

Read more

Staying ahead of threat actors in the age of AI

Credit to Author: Microsoft Threat Intelligence| Date: Wed, 14 Feb 2024 12:00:00 +0000

Microsoft, in collaboration with OpenAI, is publishing research on emerging threats in the age of AI, focusing on identified activity associated with known threat actors Forest Blizzard, Emerald Sleet, Crimson Sandstorm, and others. The observed activity includes prompt-injections, attempted misuse of large language models (LLM), and fraud.

The post Staying ahead of threat actors in the age of AI appeared first on Microsoft Security Blog.

Read more

Star Blizzard increases sophistication and evasion in ongoing attacks

Credit to Author: Microsoft Threat Intelligence| Date: Thu, 07 Dec 2023 12:01:00 +0000

Microsoft Threat Intelligence continues to track and disrupt malicious activity attributed to a Russian state-sponsored actor we track as Star Blizzard, who has improved their detection evasion capabilities since 2022 while remaining focused on email credential theft against targets.

The post Star Blizzard increases sophistication and evasion in ongoing attacks appeared first on Microsoft Security Blog.

Read more

Microsoft shares threat intelligence at CYBERWARCON 2023

Credit to Author: Microsoft Threat Intelligence| Date: Thu, 09 Nov 2023 12:00:00 +0000

At the CYBERWARCON 2023 conference, Microsoft and LinkedIn analysts are presenting several sessions detailing analysis across multiple sets of threat actors and related activity, demonstrating Microsoft Threat Intelligence’s ongoing efforts to track threat actors, protect customers, and share information with the wider security community.

The post Microsoft shares threat intelligence at CYBERWARCON 2023 appeared first on Microsoft Security Blog.

Read more

World of Warcraft phish campaign lures victims with free pet

Credit to Author: Christopher Boyd| Date: Tue, 28 Mar 2017 15:00:14 +0000

We take a look at a World of Warcraft phish doing the rounds which could stand to do a spot of updating where it’s branding is concerned.

Categories:

Tags:

(Read more…)

The post World of Warcraft phish campaign lures victims with free pet appeared first on Malwarebytes Labs.

Read more