Cybersecurity Attacks

Securezoo Cybersecurity Threat Center blog posts of new cybersecurity attacks.

MCCrash botnet launches DDoS attacks against Minecraft servers

Microsoft researchers have detected a cross-platform botnet designed to infect Windows, Linux, and IoT devices. The botnet dubbed “MCCrash” then launches distributed denial of service (DDoS) attacks against private Minecraft servers.

MCCrash botnet launches DDoS attacks against Minecraft servers Read More »

Agenda Ransomware gang uses Rust to target more companies worldwide

A ransomware-as-a-service group has released a new variant of Agenda ransomware written in Rust, designed to target more companies from different countries. The group has also posted company victims online, threatening to publish private files.

Agenda Ransomware gang uses Rust to target more companies worldwide Read More »

CISA adds 6 vulnerabilities to Known Exploited Vulnerabilities Catalog (to include iOS, Microsoft, Fortinet, Citrix and Veeam vulnerabilities)

The Cybersecurity and Infrastructure Security Agency (CISA) has added six vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include iOS, Microsoft, Fortinet, Citrix and Veeam vulnerabilities.

CISA adds 6 vulnerabilities to Known Exploited Vulnerabilities Catalog (to include iOS, Microsoft, Fortinet, Citrix and Veeam vulnerabilities) Read More »

Microsoft: Attackers are increasingly using token theft in cyberattacks to bypass MFA

The Microsoft Detection and Response Team (DART) has spotted an increase in attackers using token theft in the cloud to compromise corporate systems while bypassing multi-factor authentication (MFA) and other authentication controls.

Microsoft: Attackers are increasingly using token theft in cyberattacks to bypass MFA Read More »

Cyber threat actors exploit Zimbra Collaboration Suite vulnerabilities (update)

The Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) have published a joint security alert for multiple vulnerabilities against Zimbra Collaboration Suite (ZCS).

Cyber threat actors exploit Zimbra Collaboration Suite vulnerabilities (update) Read More »

Top CVEs targeted by PRC state-sponsored cyber actors

The FBI, NSA and CISA coauthored a joint Cybersecurity Advisory detailing how People’s Republic of China (PRC) state-sponsored cyber actors continue to exploit common, publicly known vulnerabilities used since 2020 to “actively target U.S. and allied networks.”

Top CVEs targeted by PRC state-sponsored cyber actors Read More »

Microsoft disables Basic authentication in Exchange Online to fight password spray attacks

Microsoft has disabled Basic authentication in Exchange Online tenants to help fight against password spray attacks. Attackers are stepping up attacks in anticipation, Microsoft warns.

Microsoft disables Basic authentication in Exchange Online to fight password spray attacks Read More »