Microsoft says Russia-backed hacking group Secret Blizzard targeted Ukraine's military using other cybercriminals' tools, “to make attribution more difficult”
A Russian-government backed hacking group targeted Ukraine's military using tools and infrastructure developed by cybercriminals, according to new research.
Microsoft says Russian hackers have sent “highly targeted spearphishing emails” to thousands of US officials, defense workers, and others during the past week
- Thousands targeted in spearphishing campaign during last week — Hackers said to impersonate Microsoft employees in some emails
A timeline of the attack on open-source project XZ Utils, which began in late 2021 and led to a backdoor with RCE in Linux distros Debian, Red Hat, and others
Over a period of over two years, an attacker using the name “Jia Tan” worked as a diligent, effective contributor to the xz compression library …
A timeline of the attack on open-source project XZ Utils, which began in late 2021 and led to a backdoor with RCE in Linux distros Debian, Red Hat, and others
Over a period of over two years, an attacker using the name “Jia Tan” worked as a diligent, effective contributor to the xz compression library …
Microsoft engineer Andres Freund accidentally found the malicious code in versions of the XZ Utils compression tool, likely preventing thousands of infections
Yesterday's discovery of the xz backdoor was an accident. But what a fortunate accident it was.
Microsoft disables Windows App Installer's ms-appinstaller after the URI scheme was used to spread malware; Microsoft disabled and re-enabled the scheme in 2022
While I was there this was used to deliver malware and had no basic security thought put into it, so they disabled the feature. — After I left they reenabled it, it got misused f...