Tag: #zerotrust
In a deeply concerning case of prolonged cyberespionage, the Chinese state-linked hacking group Weaver Ant (a subgroup of the larger APT41) was discovered to have infiltrated a telecom provider’s internal network for more than four years, from 2019 to mid-2023. The hackers deployed custom malware, including xDealer and LionsBot, targeting both Windows and Linux environments […]
Microsoft remained a dominant force in the digital ecosystem in 2024—but also a magnet for cyber threats. This report delivers a data-driven breakdown of key cyberattacks that targeted Microsoft or exploited its products globally between January and December 2024. Cybersecurity professionals will find detailed analysis of threat actors, exploited vulnerabilities, attack vectors, volume of attacks, […]
The Microsoft device code phishing attack is a sophisticated cyber threat that manipulates the OAuth device authorization flow to bypass multi-factor authentication (MFA) and gain unauthorized access to Microsoft 365 accounts. According to recent cybersecurity reports, over 55% of phishing attacks in 2024 have targeted Microsoft 365 users, emphasizing the growing vulnerability of cloud-based authentication […]