Microsoft’s threat intelligence blog warns organizations about Storm-0501’s evolving tactics, which target hybrid cloud environments. Active since 2021, the group gains initial access to on-prem environments before pivoting to the cloud, using stolen credentials for persistent access. Storm-0501, which has recently been deploying Embargo’s ransomware, exploits over-privileged accounts and often implants backdoors, posing significant risks to cloud security.

Week in review: 74k Fortinet firewall credentials stolen, Splunk Enterprise RCE under active attack
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: A hardware neural network backdoor that hides in plain sight


