Diamond Sleet supply chain compromise distributes a modified CyberLink installer | allinfosecnews.com

Nov. 22, 2023, 5 p.m. | Microsoft Threat Intelligence

Microsoft Security Blog www.microsoft.com

Microsoft has uncovered a supply chain attack by the threat actor Diamond Sleet (ZINC) involving a malicious variant of an application developed by CyberLink Corp. This malicious file is a legitimate CyberLink application installer that has been modified to include malicious code that downloads, decrypts, and loads a second-stage payload. The file, which was signed using a valid certificate issued to CyberLink Corp., is hosted on legitimate update infrastructure owned by the organization.

The post Diamond Sleet supply chain compromise …

actor application attack code compromise cyberlink diamond diamond sleet downloads file installer malicious microsoft payload sleet stage supply supply chain supply chain attack supply chain compromise threat threat actor uncovered zinc

More from www.microsoft.com / Microsoft Security Blog

Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials 5 days, 20 hours ago | www.microsoft.com

blizzard compromise credentials cve +20

Attackers exploiting new critical OpenMetadata vulnerabilities on Kubernetes clusters 1 week, 3 days ago | www.microsoft.com

access attack attackers blog +17

How Microsoft discovers and mitigates evolving attacks against AI guardrails 2 weeks, 2 days ago | www.microsoft.com

address attacks blog guardrails +8

Explore Microsoft’s AI innovations at RSA Conference 2024 3 weeks, 2 days ago | www.microsoft.com

ai innovations blog conference event +12

Get end-to-end protection with Microsoft’s unified security operations platform, now in public preview 3 weeks, 3 days ago | www.microsoft.com

can center comprehensive approach cybersecurity +14

Frost & Sullivan names Microsoft a Leader in the Frost Radar™: Managed Detection and Response, … 1 month ago | www.microsoft.com

amp and response center defender +25

Microsoft Copilot for Security: General Availability details 1 month, 1 week ago | www.microsoft.com

amplify april availability copilot +13

Microsoft Copilot for Security is generally available on April 1, 2024, with new capabilities 1 month, 2 weeks ago | www.microsoft.com

april capabilities copilot govern +6

Enhancing protection: Updates on Microsoft’s Secure Future Initiative 1 month, 3 weeks ago | www.microsoft.com

blog customers engineering future +9

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Security Officer Hospital Laguna Beach

@ Allied Universal | Laguna Beach, CA, United States

View on infosec-jobs.com

Sr. Cloud DevSecOps Engineer

@ Oracle | NOIDA, UTTAR PRADESH, India

View on infosec-jobs.com

Cloud Operations Security Engineer

@ Elekta | Crawley - Cornerstone

View on infosec-jobs.com

Cybersecurity – Senior Information System Security Manager (ISSM)

@ Boeing | USA - Seal Beach, CA

View on infosec-jobs.com

Engineering -- Tech Risk -- Security Architecture -- VP -- Dallas

@ Goldman Sachs | Dallas, Texas, United States

View on infosec-jobs.com