Security News > 2015 > May > APT group's malware retrieved C&C IP addresses from Microsoft's TechNet portal (Help Net Security)

APT group's malware retrieved C&C IP addresses from Microsoft's TechNet portal (Help Net Security)

2015-05-14 13:49

A China-based APT group has been using Microsoft’s TechNet web portal to host encoded Command and Control IP addresses for its BLACKCOFFEE malware, FireEye researchers have revealed. "While other g...

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/sM38Zoghmew/malware_news.php

#APT #aptgroup #malware #microsoft #security

Related news

Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
AI agents swarm Microsoft Security Copilot (source)
New Android malware uses Microsoft’s .NET MAUI to evade detection (source)
After Detecting 30B Phishing Attempts, Microsoft Adds Even More AI to Its Security Copilot (source)
China-linked FamousSparrow APT group resurfaces with enhanced capabilities (source)
Week in review: Chrome sandbox escape 0-day fixed, Microsoft adds new AI agents to Security Copilot (source)
Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware (source)
April 2025 Patch Tuesday forecast: More AI security introduced by Microsoft (source)
Fake Microsoft Office add-in tools push malware via SourceForge (source)
New TCESB Malware Found in Active Attacks Exploiting ESET Security Scanner (source)

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.