Credit to Author: Eric Avena| Date: Thu, 04 Mar 2021 17:00:02 +0000
Microsoft has identified three new pieces of malware being used in late-stage activity by NOBELIUM – the actor behind the SolarWinds attacks, SUNBURST, and TEARDROP.
The post GoldMax, GoldFinder, and Sibot: Analyzing NOBELIUM’s layered persistence appeared first on Microsoft Security.
Read moreCredit to Author: Eric Avena| Date: Thu, 14 Jan 2021 17:00:19 +0000
This blog is a guide for security administrators using Microsoft 365 Defender and Azure Defender to identify and implement security configuration and posture improvements that harden enterprise environments against Solorigate’s attack patterns.
The post Increasing resilience against Solorigate and other sophisticated attacks with Microsoft Defender appeared first on Microsoft Security.
Read moreCredit to Author: Eric Avena| Date: Mon, 28 Dec 2020 17:25:16 +0000
This blog is a comprehensive guide for security operations and incident response teams using Microsoft 365 Defender to identify, investigate, and respond to the Solorigate attack if it’s found in your environment.
The post Using Microsoft 365 Defender to protect against Solorigate appeared first on Microsoft Security.
Read moreCredit to Author: Eric Avena| Date: Mon, 30 Nov 2020 22:30:31 +0000
BISMUTH, which has been running increasingly complex cyberespionage attacks as early as 2012, deployed Monero coin miners in campaigns from July to August 2020. The group’s use of coin miners was unexpected, but it was consistent with their longtime methods of blending in.
The post Threat actor leverages coin miner techniques to stay under the radar – here’s how to spot them appeared first on Microsoft Security.
Read more