all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Threat Group UNC3944 Abusing Azure Serial Console for Total VM Takeover

Add to bookmarks
May 17, 2023, 11:52 a.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

A financially motivated cyber actor has been observed abusing Microsoft Azure Serial Console on virtual machines (VMs) to install third-party remote management tools within compromised environments.
Google-owned Mandiant attributed the activity to a threat group it tracks under the name UNC3944, which is also known as Roasted 0ktapus and Scattered Spider.
"This method of attack was unique in

0ktapus abusing actor azure compromised console cyber environments google install machines management mandiant microsoft microsoft azure name party remote management takeover third third-party threat threat group tools under virtual virtual machines vms

Visit resource

More from thehackernews.com / The Hacker News

U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks 3 hours ago | thehackernews.com
april assets attacks command +19
Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike 3 hours ago | thehackernews.com
attack called campaign cobalt +22
Major Security Flaws Expose Keystrokes of Over 1 Billion Chinese Keyboard App Users 7 hours ago | thehackernews.com
app apps baidu chinese +22
CISO Perspectives on Complying with Cybersecurity Regulations 7 hours ago | thehackernews.com
accountability ciso cisos compliance +22
eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners 9 hours ago | thehackernews.com
actor antivirus antivirus software avast +22
CoralRaider Malware Campaign Exploits CDN Cache to Spread Info-Stealers 11 hours ago | thehackernews.com
actor cache campaign cdn +20
Apache Cordova App Harness Targeted in Dependency Confusion Attack 1 day, 2 hours ago | thehackernews.com
actor apache app attack +21
Webinar: Learn Proactive Supply Chain Threat Hunting Techniques 1 day, 5 hours ago | thehackernews.com
attacks breach cybersecurity defenses +23
Police Chiefs Call for Solutions to Access Encrypted Data in Serious Crime Cases 1 day, 5 hours ago | thehackernews.com
access action call called +30

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Senior Security Specialist

@ Lely | Maassluis, Netherlands
View on infosec-jobs.com

IT Security Manager (Corporate Security) (REF822R)

@ Deutsche Telekom IT Solutions | Budapest, Hungary
View on infosec-jobs.com

Senior Security Architect

@ Cassa Centrale Banca - Credito Cooperativo Italiano | Trento, IT, 38122
View on infosec-jobs.com

Senior DevSecOps Engineer

@ Raft | Las Vegas, NV (Remote)
View on infosec-jobs.com

Product Manager - Compliance

@ Arctic Wolf | Remote - Colorado
View on infosec-jobs.com
View more jobs