Threat and Vulnerability Intelligence Database

Description: Recent attacks on institutions in the Netherlands were the work of a previously unknown Russian hacking group that Dutch intelligence agencies are labeling Laundry Bear. Microsoft also reported on the group, naming it Void Blizzard.
Source: The Record
May 27th, 2025 (8 days ago)
Description: Microsoft has shed light on a previously undocumented cluster of threat activity originating from a Russia-affiliated threat actor dubbed Void Blizzard (aka Laundry Bear) that it said is attributed to "worldwide cloud abuse." Active since at least April 2024, the hacking group is linked to espionage operations mainly targeting organizations that are important to Russian government objectives,
Source: TheHackerNews
May 27th, 2025 (8 days ago)
Description: Microsoft has released an emergency update to address a known issue causing some Hyper-V virtual machines with Windows Server 2022 to freeze or restart unexpectedly. [...]
Source: BleepingComputer
May 27th, 2025 (8 days ago)
Description: Microsoft Windows Server 2016 - Win32k Elevation of Privilege
Source: ExploitDB
May 25th, 2025 (10 days ago)
Description: Microsoft has rolled out a new wave of AI-powered features to its core Windows 11 applications, Paint, Snipping Tool, and Notepad, available now to Windows Insiders in the Canary and Dev channels. These upgrades, exclusive to Copilot+ PCs running Windows 11, aim to boost creativity, precision, and productivity by integrating generative AI and intelligent automation …
Source: CyberInsider
May 23rd, 2025 (12 days ago)
Description: Microsoft is testing a new AI-powered text generation feature in Notepad that can let Windows Insiders create content based on custom prompts. [...]
Source: BleepingComputer
May 23rd, 2025 (12 days ago)
Description: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday revealed that Commvault is monitoring cyber threat activity targeting applications hosted in their Microsoft Azure cloud environment. "Threat actors may have accessed client secrets for Commvault's (Metallic) Microsoft 365 (M365) backup software-as-a-service (SaaS) solution, hosted in Azure," the agency said. "This
Source: TheHackerNews
May 23rd, 2025 (12 days ago)
Description: Court is in session! In this blog post, we examine the use of a legitimate Microsoft 365 application called “SigParser” identified during an identity compromise. How are OAuth apps used during identity intrusions? Find out here!
Source: Huntress Blog
May 22nd, 2025 (13 days ago)
Source: TheRegister
May 22nd, 2025 (13 days ago)
Description: While credential abuse is a primary initial access vector, identity compromise plays a key role in most stages of a cyber attack. Here’s what you need to know — and how Tenable can help. Identity compromise plays a pivotal role in how attackers move laterally through an organization. Credential abuse is the top initial access vector, implicated in 22% of breaches, according to the 2025 Verizon Data Breach Investigations Report, followed closely by vulnerability exploitation (20%). But identity compromise doesn’t stop after initial access. It plays a key role in five stages of a cyber attack. Understanding the following stages of an attack helps illuminate where identity becomes a threat vector: Initial access; Reconnaissance; Lateral movement and privilege escalation; Persistence and detection evasion; Deployment. Below, we explore actions security teams can take to protect identities in each of these stages. While the guidance we share here is based on protecting on-premises Microsoft Active Directory environments, it’s worth considering how credential compromise can affect Microsoft Entra ID and hybrid identity infrastructure. We also discuss how Tenable Identity Exposure, available in the Tenable One Exposure Management Platform, can be used at each stage to provide security teams with valuable insights to help them proactively reduce their exposure to cyber attacks. Stage 1: Initial access. Attackers need a foothold and credential abuse enables them to get one. To prevent credentials ...
Source: Tenable Blog
May 22nd, 2025 (13 days ago)