Microsoft secure email
2/17/2023

Malware hunters at Microsoft have caught an Austrian hack-for-hire company exploiting zero-day flaws in Windows and Adobe software products in “limited and targeted attacks” against European and Central American computer users.

The company, called DSIRF, has been linked to a malware suite called ‘Subzero’ that has been deployed over the last two years via zero-day exploits in Windows and Adobe’s flagship Reader software.

According to cross-team documentation from the Microsoft Threat Intelligence Center (MSTIC) and the Microsoft Security Response Center (MSRC), the Austrian private sector offensive actor was behind the zero-day attacks exploiting CVE-2022-22047, a recently patched security defect in the Windows Client/Server Runtime Subsystem (csrss.exe).

Microsoft patched the vulnerability in this month’s batch of patches and is urging Windows fleet administrators to “expedite deployment of the July 2022 Microsoft security updates” to protect their systems against exploits using the CVE-2022-22047 entry point.

The software giant said the Austria-based DSIRF falls into a category of cyber mercenaries that sell hacking tools or services through a variety of business models and double up by performing hack-for-hire targeted attack operations.

Based on observed attacks and news reports, Microsoft said it has evidence that DSIRF sells the Subzero malware to third parties but was also caught using its own infrastructure in some attacks, suggesting more direct involvement.

This is not the first time DSIRF has come under scrutiny for operating malware infrastructure. The company, which was established in 2016, claims to be involved in building red teaming technology but Microsoft says its investigation paints a different picture.

From the Microsoft documentation on DSIRF:

Observed victims to date include law firms, banks, and strategic consultancies in countries such as Austria, the United Kingdom, and Panama. “As part of our investigation into the utility of this malware, Microsoft’s communications with a Subzero victim revealed that they had not commissioned any red teaming or penetration testing, and confirmed that it was unauthorized, malicious activity.