Security News

A threat actor known for providing ransomware gangs with initial access to enterprise systems has been phishing employees via Microsoft Teams. Storm-0324 is a temporary name assigned by Microsoft to this particular threat actor and shows that the company has yet to reach high confidence about the origin or identity of the actor behind the operation.

Microsoft says an initial access broker known for working with ransomware groups has recently switched to Microsoft Teams phishing attacks to breach corporate networks. "In July 2023, Storm-0324 began using phishing lures sent over Teams with malicious links leading to a malicious SharePoint-hosted file," Microsoft said on Tuesday.

A new phishing campaign taking advantage of an easily exploitable issue in Microsoft Teams to deliver malware has been flagged by researchers.Late last month, Truesec researchers spotted two compromised Microsoft 365 accounts sending HR-themed messages with a malicious attachment to enterprise targets.

A new phishing campaign is abusing Microsoft Teams messages to send malicious attachments that install the DarkGate Loader malware. The campaign started in late August 2023, when Microsoft Teams phishing messages were seen being sent by two compromised external Office 365 accounts to other organizations.

This collaborative endeavor has now welcomed a new addition - the Cyber Threat Intelligence search engine Criminal IP - into PolySwarm's expansive detection engine network. Criminal IP's expertise is set to amplify the aggregation and validation of critical threat data.

August 2023 Patch Tuesday is here; among the 76 CVE-numbered issues fixed by Microsoft this time around is a DoS vulnerability in. There is a Microsoft Office "Defense in Depth Update" available that, according to Microsoft, stops the attack chain leading to CVE-2023-36884, a Windows Search RCE vulnerability that has been previously exploited by Russian hackers in targeted attacks.

An infamous Kremlin-backed gang has been using Microsoft Teams chats in attempts to phish marks in governments, NGOs, and IT businesses, according to the Windows giant. In its latest crime spree, a crew that Microsoft Threat Intelligence now tracks as Midnight Blizzard uses previously compromised Microsoft 365 tenants to create domains that masquerade as organizations offering tech support.

Pen testing helps to identify security flaws in your IT infrastructure before threat actors can detect and exploit them. Here, we outline key factors to consider before, during, and post the penetration testing process.

An APT group linked to Russia’s Foreign Intelligence Service has hit employees of several dozen global organizations with phishing attacks via Microsoft Teams, says Microsoft. A social engineering...

Microsoft on Wednesday disclosed that it identified a set of highly targeted social engineering attacks mounted by a Russian nation-state threat actor using credential theft phishing lures sent as Microsoft Teams chats. Microsoft said the campaign, observed since at least late May 2023, affected less than 40 organizations globally spanning government, non-government organizations, IT services, technology, discrete manufacturing, and media sectors.