Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: Microsoft has uncovered a large-scale malvertising campaign that compromised nearly one million devices worldwide, distributing information-stealing malware via GitHub. The attack, detected in early December 2024, originated from illegal streaming websites that redirected users through multiple malicious domains before delivering payloads hosted on GitHub, Dropbox, and Discord. Microsoft Threat Intelligence began tracking this campaign in …
The post Microsoft Says GitHub-Boosted Malware Campaign Infected 1 Million Devices appeared first on CyberInsider.
March 7th, 2025 (3 months ago)
|
|
|
Description: Microsoft says a North Korean hacking group tracked as Moonstone Sleet has deployed Qilin ransomware payloads in a limited number of attacks. [...]
March 7th, 2025 (3 months ago)
|
CVE-2024-57972 |
Description: A vulnerability in the pairing request method in Microsoft HoloLens 1 and 2 - Windows Holographic 10.0.17763.3046 through 10.0.22621.1244 allows remote attackers to cause a Denial of Service via the Device Portal framework.
EPSS Score: 2.28%
March 6th, 2025 (3 months ago)
|
|
|
Description: Microsoft has taken down an undisclosed number of GitHub repositories used in a massive malvertising campaign that impacted almost one million devices worldwide. [...]
March 6th, 2025 (3 months ago)
|
|
|
Description: Starting mid-March 2025, Microsoft will start prompting users of its Microsoft 365 apps for Windows to back up their files to OneDrive. [...]
March 6th, 2025 (3 months ago)
|
|
|
Description: The nation-state threat group has been breaching providers of remote management tools, identity management providers, and other IT companies to access networks of targeted entities, according to Microsoft.
March 5th, 2025 (3 months ago)
|
|
|
Description: Microsoft warns that Chinese cyber-espionage threat group 'Silk Typhoon' has shifted its tactics, now targeting remote management tools and cloud services in supply chain attacks that give them access to downstream customers. [...]
March 5th, 2025 (3 months ago)
|
|
|
Description: Microsoft Threat Intelligence has identified a shift in tactics by Silk Typhoon, a Chinese state-sponsored cyber-espionage group, which is now targeting IT supply chain providers, including remote management tools and cloud applications. By exploiting unpatched applications and leveraging stolen credentials, the group gains access to downstream customer environments, enabling extensive cyber-espionage activities. This development follows …
The post Microsoft: Chinese Hackers “Silk Typhoon” Now Target the IT Supply Chain appeared first on CyberInsider.
March 5th, 2025 (3 months ago)
|
|
|
Description: The China-lined threat actor behind the zero-day exploitation of security flaws in Microsoft Exchange servers in January 2021 has shifted its tactics to target the information technology (IT) supply chain as a means to obtain initial access to corporate networks.
That's according to new findings from the Microsoft Threat Intelligence team, which said the Silk Typhoon (formerly Hafnium) hacking
March 5th, 2025 (3 months ago)
|
|
|
Description: New research has uncovered further links between the Black Basta and Cactus ransomware gangs, with members of both groups utilizing the same social engineering attacks and the BackConnect proxy malware for post-exploitation access to corporate networks. [...]
March 4th, 2025 (3 months ago)
|