sleet – Computer Security Articles

Staying ahead of threat actors in the age of AI

February 14, 2024 admin blizzard, forest blizzard (strontium), Government, mitre att&ck, non-governmental organizations (ngos), Sandstorm, sleet, Typhoon

Credit to Author: Microsoft Threat Intelligence| Date: Wed, 14 Feb 2024 12:00:00 +0000

Microsoft, in collaboration with OpenAI, is publishing research on emerging threats in the age of AI, focusing on identified activity associated with known threat actors Forest Blizzard, Emerald Sleet, Crimson Sandstorm, and others. The observed activity includes prompt-injections, attempted misuse of large language models (LLM), and fraud.

The post Staying ahead of threat actors in the age of AI appeared first on Microsoft Security Blog.

Microsoft Security

Multiple North Korean threat actors exploiting the TeamCity CVE-2023-42793 vulnerability

October 30, 2023 admin diamond sleet (zinc), sleet, state-sponsored threat actor

Credit to Author: Microsoft Threat Intelligence| Date: Wed, 18 Oct 2023 16:30:00 +0000

Since early October 2023, Microsoft has observed North Korean nation-state threat actors Diamond Sleet and Onyx Sleet exploiting the Jet Brains TeamCity CVE-2023-42793 remote-code execution vulnerability. Given supply chain attacks carried out by these threat actors in the past, Microsoft assesses that this activity poses a particularly high risk to organizations who are affected.

The post Multiple North Korean threat actors exploiting the TeamCity CVE-2023-42793 vulnerability appeared first on Microsoft Security Blog.