-
TA18-276B: Advanced Persistent Threat Activity Exploiting Managed Service Providers
Original release date: October 3, 2018 Systems Affected Network Systems Overview The National Cybersecurity and Communications Integration Center (NCCIC) is aware of ongoing APT actor activity attempting to infiltrate the networks of global managed service providers (MSPs). Since May 2016...
- News
- Thread
- apt authentication cloud security credential theft cybersecurity data security incident incident response logging managed services mitigation network architecture network security operational controls powershell risk management supply chain system integrity technical alert threat detection
- Replies: 0
- Forum: Security Alerts
-
AA18-284A: Publicly Available Tools Seen in Cyber Incidents Worldwide
Original release date: October 11, 2018 Summary This report is a collaborative research effort by the cyber security authorities of five nations: Australia, Canada, New Zealand, the United Kingdom, and the United States. In it we highlight the use of five...
- News
- Thread
- apt chinachopper credential theft cybersecurity exfiltration huc incident response jbifrost lateral movement malware mimikatz network defense network monitoring phishing powershellempire publictools remote access security updates threat actors vulnerabilities
- Replies: 0
- Forum: Security Alerts
-
TA18-276B: Advanced Persistent Threat Activity Exploiting Managed Service Providers
Original release date: October 03, 2018 Systems Affected Network Systems Overview The National Cybersecurity and Communications Integration Center (NCCIC) is aware of ongoing APT actor activity attempting to infiltrate the networks of global managed service providers (MSPs). Since May 2016...
- News
- Thread
- apt attack vector cloud computing credential theft cybersecurity data security incident incident response malicious software managed services mitigation nccic network security operational controls security controls system administration technical alert threat actors threat intelligence vulnerability management
- Replies: 0
- Forum: Security Alerts
-
TA18-201A: Emotet Malware
Original release date: July 20, 2018 Systems Affected Network Systems Overview Emotet is an advanced, modular banking Trojan that primarily functions as a downloader or dropper of other banking Trojans. Emotet continues to be among the most costly and destructive malware affecting state...
- News
- Thread
- antivirus banking trojan credential theft cybersecurity data loss dhs email security emotet infection malicious emails malspam malware ms-isac network security persistence phishing remediation security threat analysis windows
- Replies: 0
- Forum: Security Alerts
-
TA17-117A: Intrusions Affecting Multiple Victims Across Multiple Sectors
Original release date: April 27, 2017 | Last revised: May 14, 2017 Systems Affected Networked Systems Overview The National Cybersecurity and Communications Integration Center (NCCIC) has become aware of an emerging sophisticated campaign, occurring since at least May 2016, that uses...
- News
- Thread
- administrativecredentials credential theft cybersecurity data exfiltration hacking healthcare security incident information technology itprotection malware nccic network security plugx public health redleaves remote access trojan security threat actors windows
- Replies: 0
- Forum: Security Alerts
-
TA17-117A: Intrusions Affecting Multiple Victims Across Multiple Sectors
Original release date: April 27, 2017 Systems Affected Networked Systems Overview The National Cybersecurity and Communications Integration Center (NCCIC) has become aware of an emerging sophisticated campaign, occurring since at least May 2016, that uses multiple malware implants. Initial...
- News
- Thread
- attack vector credential theft cybersecurity data breach defense strategies indicators of compromise intrusion it services malware nccic network security network traffic plugx rat redleaves risk assessment security threat actors vulnerability windows
- Replies: 0
- Forum: Security Alerts
-
Mitigating Credential Theft using the Windows 10 Isolated User Mode
In this video Seth Moore describes another benefit of the Windows 10 Isolated User Mode: credential theft mitigation. He first describes the kinds of credentials that can be stolen and how a hacker gains access to them. He then describes how the Windows 10 Isolated User Mode prevents the typical...
- News
- Thread
- access control compromise computing environment credential theft cybersecurity hacking innovation isolated user mode mitigation protection security seth moore tech insights user mode user vigilance video windows 10 windows kernel
- Replies: 0
- Forum: Live RSS Feeds
-
AAEH Malware: Overview, Impact, and Mitigation Strategies for Multiple Windows Systems
Original release date: April 09, 2015 Systems Affected Microsoft Windows 95, 98, Me, 2000, XP, Vista, 7, and 8 Microsoft Server 2003, Server 2008, Server 2008 R2, and Server 2012 Overview AAEH is a family of polymorphic downloaders created with the primary purpose of downloading other...
- News
- Thread
- aaeh antivirus beebone credential theft cybersecurity dhs downloader fbi impact malware mitigation network security password polymorphic prevention ransomware rar files removal tool systems affected zip files
- Replies: 0
- Forum: Security Alerts
-
Taste of Premier: How to Mitigate Pass-the-Hash and Other Forms of Credential Theft
Lex Thomas welcomes Mark Simos, an Architect for the Cyber, Security and Identity team here at Microsoft, to discuss tools, techniques and services that are available to help mitigate “Pass-the-Hash” and other forms of cyber credential theft. Tune in as they give us an in-depth overview of the...
- News
- Thread
- active directory cloud solutions credential theft cybersecurity identity management it architecture microsoft network security pass-the-hash podcast privileged access security features security guide security software system center teched threat mitigation virtualization windows 10 windows server
- Replies: 0
- Forum: Live RSS Feeds
-
TA14-317A: Apple iOS "Masque Attack" Technique
Original release date: November 13, 2014 Systems Affected iOS devices running iOS 7.1.1, 7.1.2, 8.0, 8.1, and 8.1.1 beta. Overview A technique labeled “Masque Attack” allows an attacker to substitute malware for a legitimate iOS app under a limited set of circumstances. Description...
- News
- Thread
- app store apple attack techniques background monitoring credential theft cybersecurity fireeye installation ios malware masque attack mitigation mobile security phishing root privileges security software update untrusted app user data vulnerability
- Replies: 0
- Forum: Security Alerts
-
July 2014 Security Bulletin Release
Many around the globe have been following the 2014 FIFA World Cup Brazil™ closely. Regardless of which country you are supporting, many folks have been impressed by the defensive display put on by keeper Tim Howard in a loss against Belgium. It was a great performance highlighting a strong...
- News
- Thread
- adobe flash browser upgrade bulletin credential theft critical cve enterprise security important internet explorer moderate protected mode remote code execution security server security smartscreen update vulnerabilities webcast windows windows journal
- Replies: 0
- Forum: Security Alerts
-
TA14-150A: GameOver Zeus P2P Malware
Original release date: June 02, 2014 Systems Affected Microsoft Windows 95, 98, Me, 2000, XP, Vista, 7, and 8 Microsoft Server 2003, Server 2008, Server 2008 R2, and Server 2012 Overview GameOver Zeus (GOZ), a peer-to-peer (P2P) variant of the Zeus family of bank credential-stealing malware...
- News
- Thread
- antivirus banking theft credential theft cybercrime cybersecurity data security ddos gameover zeus infection solutions malware online safety p2p phishing privacy security alert technical alert update
- Replies: 0
- Forum: Security Alerts
-
Update to Improve Credentials Protection and Management - Version: 1.0
Revision Note: V1.0 (May 13, 2014): Advisory published. Summary: Microsoft is announcing the availability of an update for supported editions of Windows 8, Windows RT, Windows Server 2012, Windows 7, and Windows Server 2008 R2 that improves credential protection and domain authentication...
- News
- Thread
- 2014 authentication client computer credential theft credentials credssp domain user lsa management microsoft policy enforcement protection restricted admin security server 2008 server 2012 update windows 7 windows 8 windows rt
- Replies: 0
- Forum: Security Alerts
-
Update to Improve Credentials Protection and Management - Version: 1.0
Revision Note: V1.0 (May 13, 2014): Advisory published. Summary: Microsoft is announcing the availability of an update for supported editions of Windows 8, Windows RT, Windows Server 2012, Windows 7, and Windows Server 2008 R2 that improves credential protection and domain authentication...
- News
- Thread
- authentication credential theft credentials management protection security update windows 7 windows 8 windows server
- Replies: 0
- Forum: Security Alerts