Microsoft has updated its Defender Threat Intelligence database with file hash and URL search capabilities as part of an effort to consolidate various streams of threat intelligence data, according to The Register.
With the improved search, Microsoft Defender TI returns any threat intelligence or data analysis associated with a file hash or URL input under the Summary tab, which also lists key details and the reputation score of the document. More insights regarding the document can be gleaned from Defender TI's Data tab.
"This provides a straightforward way to obtain insights about the file hash or URL and any associated links to intelligence articles where the file hash or URL has been listed as an Indicator of Compromise. With this information, security professionals can better understand potential threats and take appropriate action to protect their organization," noted Microsoft Senior Program Manager Dennis Mercer, who also touted Defender TI's use of static and dynamic file and URL analysis within and outside Microsoft's environment.
Ukrainian hacktivist operation IT Army has taken responsibility for a significant distributed denial-of-service attack against Russian local airline booking system Leonardo, which is used by over 50 Russian carriers, according to The Record, a news site by cybersecurity firm Recorded Future.
New attacks with the updated SysUpdate toolkit have been deployed by Chinese advanced persistent threat operation Budworm, also known as APT27, Emissary Panda, Bronze Union, Lucky Mouse, Iron Tiger, and Red Phoenix, against an Asian government and a Middle East-based telecommunications provider, reports The Hacker News.
Forty-five malicious NPM and PyPI packages have been deployed by threat actors to facilitate extensive data theft operations as part of a campaign that commenced on Sept. 12, according to BleepingComputer.