Microsoft

Russia-Affiliated Threat Actor Void Blizzard Targets NATO and Ukraine with Credential Theft and Cloud Abuse

A newly identified Russia-affiliated threat actor, Void Blizzard (also known as LAUNDRY BEAR), has been conducting widespread cyberespionage operations targeting critical sectors across NATO member states and Ukraine.

Marbled Dust leverages zero-day in Output Messenger for regional espionage

A Turkish-aligned cyber-espionage group known as Marbled Dust has exploited a zero-day vulnerability in Output Messenger to conduct surveillance on Kurdish military operations in Iraq.

Threat actors misuse Node.js to deliver malware and other malicious payloads

Microsoft Defender Experts has observed a rise in malicious campaigns that use Node.js to deliver malware and other harmful payloads. These campaigns aim to steal information and exfiltrate data from compromised systems.

Threat Actors Leverage Tax Season To Deploy Tax-Themed Phishing Campaigns

These campaigns lead to phishing pages delivered via the RaccoonO365 phishing-as-a-service (PhaaS) platform, remote access trojans (RATs) like Remcos, and other malware like Latrodectus, BruteRatel C4 (BRc4), AHKBot, and GuLoader.
January 20, 2025

New Star Blizzard Spear-Phishing Campaign Targets WhatsApp Accounts

The sender address used by the threat actor in this campaign impersonates a US government official, continuing Star Blizzard’s practice of impersonating known political/diplomatic figures, to further ensure target engagement.
September 30, 2024

Storm-0501 Expands Ransomware Attacks to Hybrid Cloud Environments

Microsoft has detected Storm-0501 using Cobalt Strike for lateral movement across networks and deploying Embargo ransomware on victim organizations in hybrid cloud setups.

Mitigating Skeleton Key, a New Type of Generative AI Jailbreak Technique

Microsoft has discovered a new type of jailbreak attack called Skeleton Key. This technique uses a multi-turn strategy to make the model ignore its guardrails, allowing it to generate forbidden content or override its decision-making rules.

AI Jailbreaks: What They are and How They can be Mitigated

AI jailbreaks can lead to various risks and harms, including unauthorized data access, sensitive data exfiltration, generating ransomware, subversion of decision-making systems, and IP infringement.

Threat Actors Misusing Quick Assist in Social Engineering Attacks Leading to Ransomware

Cybercriminals are exploiting Microsoft's Quick Assist tool to conduct social engineering attacks and deliver ransomware like Black Basta to target users across various industries.

“Dirty Stream” Attack Affects Popular Android Apps

A vulnerability in popular Android apps like Xiaomi File Manager and WPS Office could allow malicious apps to overwrite files in the vulnerable app's home directory, potentially leading to code execution and unauthorized access to user data.
