Skip to content
Sign In Subscribe
Cybersecurity | english only |NewsCybersecurityEnglish

Untangling KNOTWEED

 and  Ferenc Fresz
1 min read

Table of Contents

European private-sector offensive actor using 0-day exploits

The Microsoft Threat Intelligence Center (MSTIC) and the Microsoft Security Response Center (MSRC) found a private-sector offensive actor (PSOA) using multiple Windows and Adobe 0-day exploits, including one for the recently patched CVE-2022-22047, in limited and targeted attacks against European and Central American customers. The PSOA, which MSTIC tracks as KNOTWEED, developed malware called Subzero which was used in these attacks.

Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits - Microsoft Security Blog
MSTIC and MSRC disclose technical details of a private-sector offensive actor (PSOA) tracked as KNOTWEED using multiple Windows and Adobe 0-day exploits, including one for the recently patched CVE-2022-22047, in limited and targeted attacks against European and Central American customers.
Microsoft Security BlogMicrosoft 365 Defender Threat Intelligence Team

Related

Supply Chain Attack Against Customers Of Business Phone Provider 3CX Using Trojanized 3CX Desktop App
Cybersecurity | english only |

Supply Chain Attack Against Customers Of Business Phone Provider 3CX Using Trojanized 3CX Desktop App

Hackers may have compromised the networks of thousands of businesses due to a supply-chain attack on the enterprise phone company 3CX, which confirmed on Thursday its desktop app had been bundled with malware. 3CX provides office phone systems to more than 12 million daily users at over 600,000 companies,

 and  Ferenc Fresz
Members Public
Analysis of the "#VulkanFiles" Leak
Cybersecurity | english only |

Analysis of the "#VulkanFiles" Leak

A whistleblower has provided several media organizations with access to leaked documents from a Russian IT firm named NTC Vulkan (Russian: НТЦ Вулкан) that allegedly show how the firm supports Russia's military and intelligence agencies with cyber warfare tools. Journalists from Der Spiegel and Munich-based investigative group Paper

 and  Ferenc Fresz
Members Public

Latest

Portál átállás - Breaking News
News

Portál átállás - Breaking News

Portálunk 2025. február 1-től a GHOST-ról a Substack platformra költözik! Az új rendszer egyszerűbb használhatóságot, erősebb közösségi interakciót és kiváló mobilélményt biztosít számotokra.

 and  Ferenc Fresz
Members Public