Security News > 2015 > May > APT group's malware retrieved C&C IP addresses from Microsoft's TechNet portal (Help Net Security)

APT group's malware retrieved C&C IP addresses from Microsoft's TechNet portal (Help Net Security)

2015-05-14 13:49

A China-based APT group has been using Microsoft’s TechNet web portal to host encoded Command and Control IP addresses for its BLACKCOFFEE malware, FireEye researchers have revealed. "While other g...

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/sM38Zoghmew/malware_news.php

#APT #aptgroup #malware #microsoft #security

Related news

APT-C-60 Hackers Exploit StatCounter and Bitbucket in SpyGlace Malware Campaign (source)
Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)
Researchers Uncover Espionage Tactics of China-Based APT Groups in Southeast Asia (source)
The Mask APT Resurfaces with Sophisticated Multi-Platform Malware Arsenal (source)
Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection (source)
Bitter APT Targets Turkish Defense Sector with WmRAT and MiyaRAT Malware (source)
Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware (source)
Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API (source)
3 Actively Exploited Zero-Day Flaws Patched in Microsoft's Latest Security Update (source)
‘Sneaky Log’ Microsoft Spoofing Scheme Sidesteps Two-Factor Security (source)

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.