microsoft 365 defender

MicrosoftSecurity

ACTINIUM targets Ukrainian organizations

Credit to Author: Microsoft 365 Defender Threat Intelligence Team| Date: Fri, 04 Feb 2022 18:00:00 +0000

The Microsoft Threat Intelligence Center (MSTIC) is sharing information on a threat group named ACTINIUM, which has been operational for almost a decade and has consistently pursued access to organizations in Ukraine or entities related to Ukrainian affairs. MSTIC previously tracked ACTINIUM activity as DEV-0157, and this group is also referred to publicly as Gamaredon.…

The post ACTINIUM targets Ukrainian organizations appeared first on Microsoft Security Blog.

Read More
MicrosoftSecurity

The evolution of a Mac trojan: UpdateAgent’s progression

Credit to Author: Microsoft 365 Defender Threat Intelligence Team| Date: Wed, 02 Feb 2022 17:00:00 +0000

Our discovery and analysis of a sophisticated Mac trojan in October exposed a year-long evolution of a malware family—and depicts the rising complexity of threats across platforms.

The post The evolution of a Mac trojan: UpdateAgent’s progression appeared first on Microsoft Security Blog.

Read More
MicrosoftSecurity

Evolved phishing: Device registration trick adds to phishers’ toolbox for victims without MFA

Credit to Author: Microsoft 365 Defender Threat Intelligence Team| Date: Wed, 26 Jan 2022 17:00:00 +0000

We uncovered a large-scale, multi-phase campaign that adds a novel technique to traditional phishing tactics by joining an attacker-operated device to an organization’s network to further propagate the campaign.

The post Evolved phishing: Device registration trick adds to phishers’ toolbox for victims without MFA appeared first on Microsoft Security Blog.

Read More