
Microsoft Blocks Record 2.4 Tbps DDoS Attack On Azure Customers.

Amir Dahan, senior programme manager for Azure Networking, described the attack in a blog post as a “UDP reflection” that lasted around 10 minutes. That’s 140 percent more than 2020’s 1 Tbps attack and higher than any previous network volumetric event detected on Azure.

Microsoft said on Monday that its Azure cloud platform neutralised a 2.4 Tbps distributed denial-of-service (DDoS) attack against an unidentified user in Europe in the final week of August, exceeding a 2.3 Tbps attack prevented by …


Microsoft Releases Security Alerts on Hackers Targeting US and Israeli Defence Firms

MSTIC (Microsoft Threat Intelligence Center) has identified that threat actors (DEV-0343) are conducting extensive password spraying against more than 250 Office 365 tenants, with a focus on US and Israeli defense technology companies, Persian Gulf ports of entry, or global maritime transportation companies with business presence in the Middle East. Microsoft gives a name like DEV-xxx to an unknown threat actor to track it as a unique set of information until it can reach high confidence about the origin or identity of the …


The NSA Releases Advisory on Protecting From Wildcard TLS Certificates and ALPACA attacks.

NSA is releasing this guidance as part of the mission to help secure the DoD, NSS and DIB. Administrators should warn their organisation about the use of wildcard TLS certificates and about the ALPACA TLS attack.

The ALPACA method, which attacks hardened web applications through non-HTTP services secured by a TLS certificate with the same scope as the web application, raises the danger of employing wildcard certificates with a broad scope.

This technique allows a threat actor to trick web servers …


Google Issues Warning on Attack Attempts By APT28 on 14,000 Gmail Accounts.

Shane Huntley, the head of Google’s Threat Analysis Group which reacts to Government-Backed Attack warnings that Google delivers to targeted consumers each month due to a limited number of targeted attacks that were prevented.

Google has issued a warning to around 14,000 of its users across multiple businesses about being targeted in a state-sponsored phishing attack by APT28, a threat organisation linked to Russia.

Google says in the blog post that there is an increase in cyberattacks targeting high-profile persons and …


Operation GhostShell Uses MalKamak APT to Target Aerospace And Telco Firms.

Operation GhostShell is a highly targeted cyber espionage campaign that mainly targeted companies in the Middle East and also in the United States, Russia, and Europe. The purpose of the attacks is to steal information about the victims’ infrastructure, technology and important resources.

During the investigation, the Nocturnus Team discovered ShellClient, a previously unknown and covert RAT that was used as the main espionage instrument.

“During the investigation, efforts were made to identify instances of the ShellClient code and to …