Microsoft experts continue to investigate the SolarWinds attack and spotted 3 new strains of malware used as second-stage payloads. Microsoft announced the discovery of three new pieces of malware that the threat actors behind the SolarWinds attack, tracked by the IT giant as Nobelium, used as second-stage payloads. Microsoft’s initial investigation revealed the existence of […]
Microsoft Corp. today released software updates to plug four security holes that attackers have been using to plunder email communications at companies that use its Exchange Server products. The company says all four flaws are being actively exploited as part of a complex attack chain deployed by a previously unidentified Chinese cyber espionage group. The […]
FireEye and Microsoft on Thursday said they discovered three more malware strains in connection with the SolarWinds supply-chain attack, including a “sophisticated second-stage backdoor,” as the investigation into the sprawling espionage campaign continues to yield fresh clues about the threat actor’s tactics and techniques. Dubbed GoldMax (aka SUNSHUTTLE), GoldFinder, and Sibot, the new set of The Hacker […]
Digital fraudsters launched a new phishing campaign that used subpoena-themed emails to deliver information-stealing malware. Detected by Cofense, the campaign targeted employees of insurance and retail companies with phishing emails informing them that they had been subpoenaed. The emails instructed recipients to click on a link so that they could learn more about the case. […]
The advanced persistent threat (APT) group tracked by Microsoft as Platinum is using a new stealthy backdoor malware dubbed Titanium to infiltrate and take control of their targets’ systems. […] BleepingComputer