Microsoft Defender Experts for Hunting now generally available
Announced in May, Defender Experts for Hunting is aimed at businesses that already have Security Operations Centers (SOCs) but are willing to pay for additional help hunting threats across endpoints, Office 365, cloud apps, and identity.
Microsoft’s security experts will use Defender data for threat investigation and to provide customers with remediation instructions, as well as help deploy threat hunting across all Microsoft 365 Defender products within hours, according to Redmond.
ALPHV/BlackCat ransomware gang claims to have stolen data from Creos Luxembourg S.A.
The ALPHV/BlackCat ransomware gang claims to have hacked the European gas pipeline operator Creos Luxembourg S.A.
Creos Luxembourg S.A. owns and manages electricity networks and natural gas pipelines in the Grand Duchy of Luxembourg. In this capacity, the company plans, constructs and maintains high, medium and low-voltage electricity networks and high, medium and low-pressure natural gas pipelines, which it owns or which it is responsible for managing.
The ALPHV/BlackCat ransomware group claims to have stolen more than 150 GB from the company, a total of 180,000 files. Stolen data include contracts, agreements, passports, bills, and emails.
Chromium Browsers Allow Data Exfiltration via Bookmark Syncing
“Bruggling” emerges as a novel technique for pilfering data out from a compromised environment — or for sneaking in malicious code and attack tools.
David Prefer, an academic researcher at the SANS Technology Institute, made the discovery as part of broader research into how attackers can abuse browser functionality to smuggle data out from a compromised environment and carry out other malicious functionality.
In a recent technical paper, Prefer described the process as “bruggling” — a portmanteau of browser and smuggling. It’s a novel data exfiltration vector that he demonstrated with a proof-of-concept (PoC) PowerShell script called “Brugglemark” that he developed for the purpose.
The Fine Art of Bruggling
“There’s no weakness or vulnerability that is being exploited with the synchronization process,” Prefer stresses. “What this paper hones in on is the ability to name bookmarks whatever you want, and then synchronize them to other signed-in devices, and how that very convenient, helpful functionality can be twisted and misused in an unintended way.”
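A defender-side check for the abuse described above, as an added example that is not from Prefer's paper or the Brugglemark script: it walks a Chromium `Bookmarks` JSON file and flags bookmark names that are unusually long or look like encoded data. The thresholds, function names and sample data are assumptions constructed for illustration.

```python
import base64
import json
import math
import re
from collections import Counter

# Assumed thresholds for this sketch; tune them against real user profiles.
MAX_NAME_LEN = 200      # ordinary bookmark titles are far shorter
MIN_ENCODED_LEN = 40    # shortest name tested for an encoded look
MIN_ENTROPY = 4.5       # bits per character
ENCODED_RE = re.compile(r"[A-Za-z0-9+/=_-]+")  # base64 / base64url alphabet

def entropy(text):
    """Shannon entropy of a non-empty string, in bits per character."""
    counts = Counter(text)
    return -sum(n / len(text) * math.log2(n / len(text)) for n in counts.values())

def walk(node, path=""):
    """Yield (folder_path, name) for every URL bookmark under node."""
    if node.get("type") == "url":
        yield path, node.get("name", "")
    for child in node.get("children", []):
        yield from walk(child, f"{path}/{node.get('name', '')}")

def suspicious_bookmarks(bookmarks_json):
    """Return (folder_path, name, reason) for names that look like carried data."""
    hits = []
    for root in json.loads(bookmarks_json).get("roots", {}).values():
        if not isinstance(root, dict):   # skip non-folder metadata entries
            continue
        for path, name in walk(root):
            if len(name) > MAX_NAME_LEN:
                hits.append((path, name, "long name"))
            elif (len(name) >= MIN_ENCODED_LEN and ENCODED_RE.fullmatch(name)
                  and entropy(name) >= MIN_ENTROPY):
                hits.append((path, name, "encoded-looking name"))
    return hits

# Constructed sample in the layout of a Chromium "Bookmarks" file.
ENCODED_NAME = base64.b64encode(bytes(range(48))).decode()
SAMPLE = json.dumps({"roots": {
    "bookmark_bar": {"type": "folder", "name": "Bookmarks bar", "children": [
        {"type": "url", "name": "Company intranet home", "url": "https://intranet.example/"},
        {"type": "url", "name": "x" * 300, "url": "https://a.example/"}]},
    "other": {"type": "folder", "name": "Other bookmarks", "children": [
        {"type": "url", "name": ENCODED_NAME, "url": "https://b.example/"}]},
    "synced": {"type": "folder", "name": "Mobile bookmarks", "children": []}}})

if __name__ == "__main__":
    for path, name, reason in suspicious_bookmarks(SAMPLE):
        print(f"{reason}: {path} -> {name[:40]}")
```

Name heuristics like these only surface candidates for review; data split across many short, ordinary-looking bookmark names would pass them.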