A phishing campaign exploiting Microsoft Teams has been discovered deploying a unique PowerShell backdoor. Cybersecurity firm ReliaQuest identified an attack technique previously unseen in the wild, in which hijacking of the Windows Type Library forces component object models towards malicious files. The threat actor impersonated Technical Support in Microsoft Teams, and specifically targeted afternoon attacks on female executive-level employees within finance, professional, scientific and technical services sectors.
Microsoft Warns of Ransomware Exploiting Cloud Environments with New Techniques
Microsoft warns of sophisticated ransomware attacks in Q1 2025, targeting hybrid cloud environments through vulnerabilities in on-premises and cloud services. Notably, North Korean group Moonstone
