Security News > 2015 > May > APT group's malware retrieved C&C IP addresses from Microsoft's TechNet portal (Help Net Security)

APT group's malware retrieved C&C IP addresses from Microsoft's TechNet portal (Help Net Security)

2015-05-14 13:49

A China-based APT group has been using Microsoft’s TechNet web portal to host encoded Command and Control IP addresses for its BLACKCOFFEE malware, FireEye researchers have revealed. "While other g...

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/sM38Zoghmew/malware_news.php

#APT #aptgroup #malware #microsoft #security

Related news

Microsoft overhauls security for publishing Edge extensions (source)
GoldenJackal APT group breaches air-gapped systems in Europe (source)
Microsoft Issues Security Update Fixing 118 Flaws, Two Actively Exploited in the Wild (source)
Week in review: Microsoft fixes two exploited zero-days, SOC teams are losing trust in security tools (source)
Microsoft warns it lost some customer's security logs for a month (source)
Microsoft lost some customers’ cloud security logs (source)
Microsoft Entra "security defaults" to make MFA setup mandatory (source)
VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
Microsoft pulls Exchange security updates over mail delivery issues (source)
ScubaGear: Open-source tool to assess Microsoft 365 configurations for security gaps (source)

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.