Access to Microsoft Teams Authentication Tokens Is Possible without Downloading Complex Malware

Microsoft Teams authentication tokens

Information security specialists have discovered a serious vulnerability in the Microsoft Teams desktop application: a bug allows access to authentication tokens, which, as it turns out, are stored in plain text format, without any protection. Let me remind you that we also reported that SVCReady Malware Loader Uses Microsoft Office Documents for Attack. Researchers from the information security company Vectra …

Read more

The EvilProxy Phishing Platform Offers a 2FA Bypass for Apple, Google, Microsoft, etc.

Phishing Platform EvilProxy

Resecurity experts discovered the EvilProxy phishing platform, which offers reverse proxies to unskilled attackers and promises to steal authentication tokens to bypass multi-factor authentication (MFA) at Apple, Google, Microsoft, Twitter, GitHub, GoDaddy, Facebook and so on. Let me remind you that we also wrote that SVCReady Malware Loader Uses Microsoft Office Documents for Attack, as well as that Beta Version …

Read more

North Korean Hackers Attack Small and Medium Businesses with H0lyGh0st Ransomware

North Korean hackers H0lyGh0st

Microsoft spoke about a new group of North Korean hackers H0lyGh0st, which it tracks under the identifier DEV-0530. For about six months, these attackers have been carrying out ransomware attacks on small and medium-sized businesses around the world. Let me remind you that we also reported that IS-specialists Discovered a New Interesting Malware Quantum Lnk Builder, and also that Raspberry …

Read more

Raspberry Robin Worm Discovered in Networks of Hundreds of Organizations

Worm Raspberry Robin

Microsoft experts report that the recently discovered Raspberry Robin worm has been found in the networks of hundreds of organizations from various industries. Although Microsoft has observed how the malware binds to addresses on the Tor network, the targets of the attackers are still unknown, since they have not yet taken advantage of access to the networks of their victims. …

Read more

Washington Post Reveals How Russia’s Much-Vaunted Cyber Capability Failed in Ukraine

Washington Post about Ukraine

Washington Post columnist David Ignatius published an article about how major US technology companies helped Ukraine fend off Russian hackers. In a column titled “How Russia’s vaunted cyber capability failed in Ukraine“, he writes about the cooperation between the giants of silicon valley and the US authorities with Kyiv. Let me remind you that we also talked about the fact …

Read more

SVCReady Malware Loader Uses Microsoft Office Documents for Attack

SVCReady malware loader

While studying phishing attacks, HP researchers discovered a previously unknown SVCReady malware loader that features an unusual way of downloading malware to compromised machines – through Word documents. Experts write that SVCReady uses VBA macros to execute shellcode stored in document properties, and the victim’s documents themselves are usually received as attachments in emails. Apparently, the malware is currently in …

Read more

Raspberry Robin Malware Has Worm Features and Abuses Windows Installer

Raspberry Robin Malware

Analysts from Red Canary have discovered a new malware for Windows called Raspberry Robin, which has the properties of a worm and spreads via USB drives. The researchers write that they found malware in the networks of several of their clients, among which were unnamed companies from the technology and manufacturing sectors. Let me remind you that we also wrote …

Read more