Phoenix IT

Author: origin

How to Apply MITRE ATT&CK to Your Organization

How to Apply MITRE ATT&CK to Your Organization

Discover all the ways MITRE ATT&CK can help you defend your organization. Build your security strategy and policies by making the most of this important framework. What is the MITRE ATT&CK Framework?# MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) is a widely adopted framework and knowledge base that outlines and categorizes the tactics, techniques, and

Read More
Hackers Exploit Windows Policy Loophole to Forge Kernel-Mode Driver Signatures

Hackers Exploit Windows Policy Loophole to Forge Kernel-Mode Driver Signatures

A Microsoft Windows policy loophole has been observed being exploited primarily by native Chinese-speaking threat actors to forge signatures on kernel-mode drivers. “Actors are leveraging multiple open-source tools that alter the signing date of kernel mode drivers to load malicious and unverified drivers signed with expired certificates,” Cisco Talos said in an exhaustive two-part report shared with

Read More
Chinese Hackers Deploy Microsoft-Signed Rootkit to Target Gaming Sector

Chinese Hackers Deploy Microsoft-Signed Rootkit to Target Gaming Sector

Cybersecurity researchers have unearthed a novel rootkit signed by Microsoft that’s engineered to communicate with an actor-controlled attack infrastructure. Trend Micro has attributed the activity cluster to the same actor that was previously identified as behind the FiveSys rootkit, which came to light in October 2021. “This malicious actor originates from China and their main victims

Read More
Microsoft Thwarts Chinese Cyber Attack Targeting Western European Governments

Microsoft Thwarts Chinese Cyber Attack Targeting Western European Governments

Microsoft on Tuesday revealed that it repelled a cyber attack staged by a Chinese nation-state actor targeting two dozen organizations, some of which include government agencies, in a cyber espionage campaign designed to acquire confidential data. The attacks, which commenced on May 15, 2023, entailed access to email accounts affecting approximately 25 entities and a small number

Read More