Threat and Vulnerability Intelligence Database

Description: A newly discovered phishing campaign targeting Microsoft 365 accounts has been attributed to Russian-linked threat actors, leveraging an advanced technique known as device code authentication phishing. Reports from both Microsoft and cybersecurity firm Volexity indicate that multiple groups have been exploiting this method since mid-2024, targeting government agencies, NGOs, defense organizations, and private companies across … The post Hackers Use Device Code Phishing to Hijack Microsoft 365 Accounts appeared first on CyberInsider.
Source: CyberInsider
February 14th, 2025 (2 months ago)
Description: Microsoft is calling attention to an emerging threat cluster it calls Storm-2372 that has been attributed to a new set of cyber attacks aimed at a variety of sectors since August 2024. The attacks have targeted government, non-governmental organizations (NGOs), information technology (IT) services and technology, defense, telecommunications, health, higher education, and energy/oil and gas
Source: TheHackerNews
February 14th, 2025 (2 months ago)
Description: US, UK, and Australian law enforcement have targeted a company called Zservers (and two of its administrators) for providing bulletproof hosting services to the infamous ransomware gang.
Source: Dark Reading
February 12th, 2025 (2 months ago)
Description: A subgroup of the Russian state-sponsored hacking group APT44, also known as 'Seashell Blizzard' and 'Sandworm', has been targeting critical organizations and governments in a multi-year campaign dubbed 'BadPilot.' [...]
Source: BleepingComputer
February 12th, 2025 (2 months ago)
Description: A subgroup within the infamous Russian state-sponsored hacking group known as Sandworm has been attributed to a multi-year initial access operation dubbed BadPilot that stretched across the globe. "This subgroup has conducted globally diverse compromises of Internet-facing infrastructure to enable Seashell Blizzard to persist on high-value targets and support tailored network operations," the
Source: TheHackerNews
February 12th, 2025 (2 months ago)
Source: TheRegister
February 12th, 2025 (2 months ago)
Description: Sandworm (aka Seashell Blizzard) has an initial access wing called "BadPilot" that uses standard intrusion tactics to spread Russia's tendrils around the world.
Source: Dark Reading
February 12th, 2025 (2 months ago)
Description: The Sandworm Russian military cyber-espionage group is targeting Windows users in Ukraine with trojanized Microsoft Key Management Service (KMS) activators and fake Windows updates. [...]
Source: BleepingComputer
February 11th, 2025 (2 months ago)
Description: The United States, United Kingdom, and Australia have jointly imposed sanctions on Zservers, a Russia-based bulletproof hosting (BPH) provider, for supporting LockBit ransomware operations. The action, announced by the U.S. Treasury's Office of Foreign Assets Control (OFAC), targets the company's role in facilitating cyberattacks against critical infrastructure worldwide. Additionally, two Russian nationals linked to Zservers … The post Zservers Hosting Sanctioned for Aiding LockBit Attacks appeared first on CyberInsider.
Source: CyberInsider
February 11th, 2025 (2 months ago)
Description: The United States, Australia, and the United Kingdom have sanctioned Zservers, a Russia-based bulletproof hosting (BPH) services provider, for supplying essential attack infrastructure for the LockBit ransomware gang. [...]
Source: BleepingComputer
February 11th, 2025 (2 months ago)