Security News > 2015 > May > APT group's malware retrieved C&C IP addresses from Microsoft's TechNet portal (Help Net Security)

APT group's malware retrieved C&C IP addresses from Microsoft's TechNet portal (Help Net Security)

2015-05-14 13:49

A China-based APT group has been using Microsoft’s TechNet web portal to host encoded Command and Control IP addresses for its BLACKCOFFEE malware, FireEye researchers have revealed. "While other g...

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/sM38Zoghmew/malware_news.php

#APT #aptgroup #malware #microsoft #security

Related news

Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API (source)
3 Actively Exploited Zero-Day Flaws Patched in Microsoft's Latest Security Update (source)
‘Sneaky Log’ Microsoft Spoofing Scheme Sidesteps Two-Factor Security (source)
Microsoft: Outdated Exchange servers fail to auto-mitigate security bugs (source)
Microsoft: January Windows security updates break audio playback (source)
New Microsoft script updates Windows media with bootkit malware fixes (source)
North Korean APT Kimsuky Uses forceCopy Malware to Steal Browser-Stored Credentials (source)
Microsoft says attackers use exposed ASP.NET keys to deploy malware (source)
Microsoft shares workaround for Windows security update issues (source)
FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.