Researchers show ways to abuse Microsoft Teams accounts for lateral movement
Attackers have several ways to enable lateral movement within a network via a compromised Teams account.
Stories by Lucian Constantin
-
-
SMBs and regional MSPs are increasingly targeted by state-sponsored APT groups
Research shows a shift toward advanced persistent threat actors compromising smaller organisation, in part to enable other attacks.
-
Legitimate looking npm packages found hosting TurkoRat infostealer
The malicious packages have been downloaded hundreds of times, but the long-term impact is unknown.
-
Critical remote code execution flaws patched in Cisco small business switches
Some of the vulnerabilities could lead to complete compromise of the device as a proof of concept is publicly available.
-
New ransomware gang RA Group quickly expanding operations
The RA Group uses double extortion and has detailed information on its victims.
-
Israeli threat group uses fake company acquisitions in CEO fraud schemes
The group targets multinational firms using email display name spoofing and multiple fake personas.
-
Microsoft fixes bypass for critical Outlook zero-click flaw patch
Microsoft rates the new Outlook vulnerability as medium severity, but Akamai researchers say it should be higher.
-
Azure API Management flaws highlight server-side request forgery risks in API development
New SSRF vulnerabilities highlight the weaknesses of using blacklisting techniques as a defense mechanism.
-
New ransomware group CACTUS abuses remote management tools for persistence
The CACTUS cybercriminal group targets VPN appliances for initial access and to install a backdoor.
-
Cybercrime group FIN7 targets Veeam backup servers
At least two Veeam instances have been compromised, possibly using a vulnerability patched in March.
-
Iranian cyberspies deploy new malware implant on Microsoft Exchange Servers
A cyberespionage group believed to be associated with the Iranian government has been infecting Microsoft Exchange Servers with a new malware implant dubbed BellaCiao that acts as a dropper for additional payloads.
-
New DDoS amplification vector could enable massive attacks
A vulnerability in the Service Location Protocol on internet-connected devices could create a DDoS amplification factor of up to 2200X.
-
Cisco patches high and critical flaws across several products
Left unmitigated, the vulnerabilities could lead to unauthorised remote access, denial of service attacks, or privilege escalation.
-
Russian cyber spy group APT28 backdoors Cisco routers via SNMP
The spy agency has been exploiting an old vulnerability that allows bad actors to gain access through simple network management protocol credentials.
-
Hard-to-detect malware loader distributed via AI-generated YouTube videos
The new malware loads the Aurora infostealer and can avoid being executed in virtual machines or sandboxes for analysis.
Events
ARN Innovation Awards 2023
Innovation Awards is the market-leading awards program for celebrating ecosystem innovation and excellence across the technology sector in Australia.
Brand Post
Partnering Observability for Sustainable Healthcare IT
Sponsored By
