Microsoft

SOHO router compromise leads to DNS hijacking and adversary-in-the-middle attacks

Executive summary Forest Blizzard, a threat actor linked to the Russian military, has been compromising insecure home and ...
Homeland Security Today

Using CHIRP to Detect Post-Compromise Threat Activity in On-Premises Environments

CISA Hunt and Incident Response Program (CHIRP) is a new forensics collection tool that CISA developed to help network defenders find indicators of compromise (IOCs) associated with the SolarWinds and ...
Bleeping Computer

CISA releases tool to review Microsoft 365 post-compromise activity

The Cybersecurity and Infrastructure Security Agency (CISA) has released a companion Splunk-based dashboard that helps review post-compromise activity in Microsoft Azure Active Directory (AD), Office ...
Nextgov

CISA and FBI Say Malicious Cyber Activity is Unlikely to Compromise Election Infrastructure

The joint public service announcement said “extensive safeguards in place” make it difficult for bad actors to interfere in upcoming midterm elections. Election Security FBI Homeland Security As part ...
CSOonline

Microsoft reports jump in business email compromise activity

Thirty-five million business email compromise (BEC) attempts were detected in the last year, according to the latest Microsoft Cyber Signals report. Cybersecurity activity around business email ...