Microsoft cybersecurity experts: They impersonate legitimate organizations, using social media platforms like WhatsApp and Telegram, to send messages for spreading 2 trojans.
Microsoft-CISA: The China sponsored APT is pursuing development of capabilities that could disrupt critical communications infrastructure between U.S. and Asia.
The goal is to steal the SharePoint Online credentials via a fake platform landing page. Victims have three attempts to digit the password, all of which will be wrong.
Microsoft cybersecurity experts: The botnet exploits unpatched vulnerabilities in the Spring Framework and WordPress plugins to infect systems with mining malware.