A series of cyber attacks targeting Azure accounts, specifically those of senior executives and Microsoft 365 Apps, has been reported, with hackers exploiting vulnerabilities to steal sensitive data and financial assets. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has highlighted a critical vulnerability in Fortinet’s FortiOS, which is actively being exploited. Additionally, Proofpoint has uncovered an account takeover campaign against Azure users, involving malware-laden shared documents. Microsoft has responded by releasing patches for 73 flaws in its software, including two actively exploited zero-day vulnerabilities related to Microsoft Defender SmartScreen and a vulnerability in Roundcube email software leading to information disclosure through malicious link references. In a related development, Southern Water has warned that the personal and financial data of some customers have been compromised in a cyber attack. Prudential also reported that a cyber-crime group accessed its IT systems and a small percentage of user accounts. The campaign also involves the use of DarkMe malware, as reported by darkreading.
🚨 ALERT: Beware, traders! Hackers are exploiting a ZERO-DAY flaw in #Microsoft Defender SmartScreen to deliver DarkMe #malware. This sophisticated attack can steal your data and give hackers access to your financial accounts. Learn more: https://t.co/yipybkC4R5 #hacking
Microsoft Rolls Out Patches for 73 Flaws, Including 2 Windows Zero-Days: https://t.co/5atEfYfYak by The Hacker News #infosec #cybersecurity #technology #news
⚠️ Zero-day alert! 💻 #Microsoft released security patches for 73 flaws in its software for February 2024. This includes 5 critical and 2 actively exploited zero-day vulnerabilities. Details here: https://t.co/9iuDwJYfwK Don't wait, 🛡️ update your systems now. #cybersecurity
Hackers Target Azure Accounts With Malware-Laden Shared Documents https://t.co/DtZYkKaXNy
Attackers Exploit Microsoft Security-Bypass Zero-Day Bugs: https://t.co/7jI9KwO8cE by darkreading #infosec #cybersecurity #technology #news
Prudential said hackers it believes to be part of a cyber-crime group gained access to some of its information-technology systems and a small percentage of user accounts associated with employees and contractors https://t.co/9hbWXDWxko
Ongoing Azure Compromises Target Senior Execs, Microsoft 365 Apps #cybersecurity https://t.co/UKzTdJ0NRi
Southern Water has warned that the personal and financial data of some of its customers has been stolen in a cyber attack. Tap below to read more: https://t.co/o4xTsGsxEm
Crooks hook hundreds of exec accounts after phishing in Azure C-suite pond https://t.co/utksSMZZEE
Southern Water has warned that the personal and financial data of some of its customers has been stolen in a cyber attack. Tap below to read more. https://t.co/Myc5PF8ifR
Ongoing Azure Hacking Campaign Targets Senior Execs https://t.co/wQJZL5W2vB
Southern Water customers affected by cyber attack https://t.co/hQwRFANC9d
Southern Water customers affected by cyber attack https://t.co/XGAyiHQQgA #bbcsouthnews
Proofpoint: unknown hackers are targeting hundreds of Azure accounts, some belonging to senior executives, to steal sensitive data and financial assets (@dangoodin001 / Ars Technica) https://t.co/NScuMd73Az 📫 Subscribe: https://t.co/OyWeKSRpIM https://t.co/fi4gK1ldyO
🚨 CISA warns of an exploited #vulnerability in Roundcube email #software that could lead to information disclosure through malicious link references in plain text messages. Learn more: https://t.co/Yo3T5Nel0f #cybersecurity #hacking
Ongoing campaign compromises senior execs’ Azure accounts, locks them using MFA https://t.co/r7P5sDcpbV
Proofpoint uncovers account takeover campaign targeting Azure users https://t.co/zC6IaH353x
A “critical” vulnerability impacting numerous versions of Fortinet’s FortiOS is seeing active exploitation in attacks, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) said Friday. https://t.co/HjRCFJaGPd
Ongoing Azure Compromises Target Senior Execs, Microsoft 365 Apps: https://t.co/uGDjSqawj8 by darkreading #infosec #cybersecurity #technology #news