www.darkreading.com
2606:4700::6811:7663
Public Scan
URL:
https://www.darkreading.com/threat-intelligence/microsoft-seizes?amp;utm_medium=twitter\u003ehttps://t.co/u4SFOTDnKu\u003c/e...
Submission: On December 07 via api from US — Scanned from DE
Form analysis
0 forms found in the DOM
Text Content
Threat Intelligence
Quick Hits

MICROSOFT SEIZES MALICIOUS WEBSITES USED BY PROLIFIC CHINESE APT GROUP

The so-called Nickel cyber espionage attack group - aka APT15, Vixen Panda, KE3CHANG, Royal APT, and Playful Dragon - has been in Microsoft's sights since 2016.

Dark Reading Staff, Dark Reading
December 06, 2021

Microsoft's Digital Crimes Unit (DCU) has seized websites used by a China-based cyber-espionage hacking team to wage cyberattacks on government agencies, think tanks, and human rights organizations in some 29 countries, including the US.

The hacking group, dubbed Nickel by Microsoft, is also known as APT15, Vixen Panda, KE3CHANG, Royal APT, and Playful Dragon. The disruption of the threat group's infrastructure came via a court order granted to Microsoft by the US District Court for the Eastern District of Virginia and unsealed today.

"Obtaining control of the malicious websites and redirecting traffic from those sites to Microsoft’s secure servers will help us protect existing and future victims while learning more about Nickel’s activities," wrote Tom Burt, vice president of customer security and trust, in a post announcing the news today. "Our disruption will not prevent Nickel from continuing other hacking activities, but we do believe we have removed a key piece of the infrastructure the group has been relying on for this latest wave of attacks."

Microsoft's Threat Intelligence Center has been monitoring Nickel since 2016 and studying the group's cyber-espionage campaigns via the infrastructure since 2019. The attackers targeted unpatched Exchange Server and SharePoint systems.

Read more here and here.