Cybercrime actors target users in India with Android malware
Microsoft cybersecurity experts: They impersonate legitimate organizations, using social media platforms like WhatsApp and Telegram, to send messages for spreading 2 trojans.
CyberSecurity, active zero-day RCE vulnerability for Office and Windows HTML
Microsoft: The CVE-2023-36884 has no patch and is used with specially crafted Office documents. However, the user has to open them.
Cybercrime, cargo shipping themed phishing campaign
The goal is to steal Microsoft credentials through three links in an email pointing to a fake Office365 login page.
Cyber Espionage, Volt Typhoon is an imminent danger to U.S.
Microsoft-CISA: The China sponsored APT is pursuing development of capabilities that could disrupt critical communications infrastructure between U.S. and Asia.
Cybercrime, new SharePoint-themed phishing campaign
The goal is to steal the credentials via a fake landing page. Victims have three attempts to digit the password, all of which will be wrong.
Cybercrime, fake Audit report bait for an HTML phishing campaign
The goal is to steal the SharePoint Online credentials via a fake platform landing page. Victims have three attempts to digit the password, all of which will be wrong.
Cyber Warfare, Prestige is a new ransomware targeting Ukraine and Poland
Microsoft MSTIC cybersecurity experts: The targets are organizations in the transportation and related logistics industries in both countries.
Cybercrime, North Korea targets SMEs with H0lyGh0st ransomware
Microsoft cybersecurity experts: The group, aka DEV-0530, has connections with PLUTONIUM (aka DarkSeoul or Andariel).
Cybercrime, Sysrv – K targets Windows, Linux to steal cryptocurrencies
Microsoft cybersecurity experts: The botnet exploits unpatched vulnerabilities in the Spring Framework and WordPress plugins to infect systems with mining malware.
Cybersecurity, CISA adds 3 new vulnerabilities to the Known Exploited Catalog
They are the CVE-2021-3156, CVE-2021-31166 and CVE-2017-0148. One is linked to Sudo and the other two to Microsoft.