Microsoft’s threat intelligence blog warns organizations about Storm-0501’s evolving tactics, targeting hybrid cloud environments. Active since 2021, the group gains initial access to on-prem environments before pivoting to the cloud, using stolen credentials for persistent access. Recently deploying Embargo’s ransomware, Storm-0501 exploits over-privileged accounts and often implants backdoors, posing significant risks to cloud security.
CISA Details New RESURGE Malware Used In Ivanti Attacks
The U.S. Cybersecurity and Information Security Agency (CISA) has detected a new malware variant termed RESURGE, which can modify files and manipulate integrity checks. The
