DEV-1101 enables high-volume AiTM campaigns with open-source phishing kit - Microsoft Security Blog

DEV-1101 is an actor tracked by Microsoft responsible for the development, support, and advertising of several AiTM phishing kits, including an open-source kit capable of circumventing MFA through reverse-proxy functionality.

Microsoft Security Blog
Protecting Android clipboard content from unintended exposure - Microsoft Security Blog

Microsoft discovered that the SHEIN Android application periodically read the contents of the Android device clipboard and, if a particular pattern was present, sent the contents of the clipboard to a remote server.

New research, tooling, and partnerships for more secure AI and machine learning - Microsoft Security Blog

At Microsoft, we’ve been working on the challenges and opportunities of AI for years. Today we’re sharing some recent developments so that the community can be better informed and better equipped for a new world of AI exploration.

2022 in review: DDoS attack trends and insights - Microsoft Security Blog

With DDoS attacks becoming more frequent, sophisticated, and inexpensive to launch, it’s important for organizations of all sizes to be proactive and stay protected. In this blog, we detail trends and insights into DDoS attacks we observed and mitigated throughout 2022.

Introducing kernel sanitizers on Microsoft platforms - Microsoft Security Blog

We share technical details of our work on the AddressSanitizer (ASAN) and how it contributes to durably improving software quality and security at Microsoft.

Unraveling the techniques of Mac ransomware - Microsoft Security Blog

Understanding how Mac ransomware works is critical in protecting today’s hybrid environments. We analyzed several known Mac ransomware families and highlighted these families’ techniques, which defenders can study further to prevent attacks.

Microsoft research uncovers new Zerobot capabilities - Microsoft Security Blog

The Microsoft Defender for IoT research team details information on the recent distribution of a Go-based botnet, known as Zerobot, that spreads primarily through IoT and web-application vulnerabilities.

MCCrash: Cross-platform DDoS botnet targets private Minecraft servers - Microsoft Security Blog

The Microsoft Defender for IoT research team analyzed a cross-platform botnet that infects both Windows and Linux systems from PCs to IoT devices, to launch distributed denial of service (DDoS) attacks against private Minecraft servers.

IIS modules: The evolution of web shells and how to detect them - Microsoft Security Blog

This blog aims to provide further guidance on detecting malicious IIS modules and other capabilities that you can use during your own incident response investigations.
