Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: A phishing campaign targeting automotive, chemical, and industrial manufacturing companies in Germany and the UK is abusing HubSpot to steal Microsoft Azure account credentials. [...]
December 18th, 2024 (6 months ago)
|
|
|
Description: Malicious Visual Studio Code extensions were discovered on the VSCode marketplace that download heavily obfuscated PowerShell payloads to target developers and cryptocurrency projects in supply chain attacks. [...]
December 18th, 2024 (6 months ago)
|
|
|
Description: A new phishing campaign has been observed employing tax-themed lures to deliver a stealthy backdoor payload as part of attacks targeting Pakistan.
Cybersecurity company Securonix, which is tracking the activity under the name FLUX#CONSOLE, said it likely starts with a phishing email link or attachment, although it said it couldn't obtain the original email used to launch the attack.
"One of the
December 18th, 2024 (6 months ago)
|
|
|
Description: A new social engineering campaign has leveraged Microsoft Teams as a way to facilitate the deployment of a known malware called DarkGate.
"An attacker used social engineering via a Microsoft Teams call to impersonate a user's client and gain remote access to their system," Trend Micro researchers Catherine Loveria, Jovit Samaniego, and Gabriel Nicoleta said.
"The attacker failed to install a
December 18th, 2024 (6 months ago)
|
|
|
Description: CISA has issued this year's first binding operational directive (BOD 25-01), ordering federal civilian agencies to secure their Microsoft 365 cloud environments by implementing a list of required configuration baselines. [...]
December 18th, 2024 (6 months ago)
|
|
|
Description: Vulnerabilities in Microsoft Azure Data Factory's integration with Apache Airflow can lead to unauthorized access and control over cloud resources.
The post Dirty DAG: New Vulnerabilities in Azure Data Factory’s Apache Airflow Integration appeared first on Unit 42.
December 18th, 2024 (6 months ago)
|
|
|
Description: A critical flaw in the company's rate limit for failed sign-in attempts allowed unauthorized access to a user account, including Outlook emails, OneDrive files, Teams chats, Azure Cloud, and more.
December 11th, 2024 (6 months ago)
|
|
|
Description: The Russian nation-state actor tracked as Secret Blizzard has been observed leveraging malware associated with other threat actors to deploy a known backdoor called Kazuar on target devices located in Ukraine.
The new findings come from the Microsoft threat intelligence team, which said it observed the adversary leveraging the Amadey bot malware to download custom malware onto "specifically
December 11th, 2024 (6 months ago)
|
|
|
Description: Cybersecurity researchers have flagged a "critical" security vulnerability in Microsoft's multi-factor authentication (MFA) implementation that allows an attacker to trivially sidestep the protection and gain unauthorized access to a victim's account.
"The bypass was simple: it took around an hour to execute, required no user interaction and did not generate any notification or provide the
December 11th, 2024 (6 months ago)
|
|
|
Description: Microsoft closed out its Patch Tuesday updates for 2024 with fixes for a total of 72 security flaws spanning its software portfolio, including one that it said has been exploited in the wild.
Of the 72 flaws, 17 are rated Critical, 54 are rated Important, and one is rated Moderate in severity. Thirty-one of the vulnerabilities are remote code execution flaws, and 27 of them allow for the
December 11th, 2024 (6 months ago)
|