2022-09-22 ⋅ Microsoft ⋅ Malicious OAuth applications used to compromise email servers and spread spam
2022-09-21 ⋅ Microsoft ⋅ Rewards plus: Fake mobile banking rewards apps lure users to install info-stealing RAT on Android devices
2022-08-25 ⋅ Microsoft ⋅ MERCURY leveraging Log4j 2 vulnerabilities in unpatched systems to target Israeli organizations MimiKatz
2022-08-18 ⋅ Microsoft ⋅ Hardware-based threat defense against increasingly complex cryptojackers
2022-07-26 ⋅ Microsoft ⋅ Malicious IIS extensions quietly open persistent backdoors into servers CHINACHOPPER MimiKatz
2022-07-13 ⋅ Microsoft ⋅ Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706
2022-07-12 ⋅ Microsoft ⋅ From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud
2022-06-30 ⋅ Microsoft ⋅ Toll fraud malware: How an Android application can drain your wallet Joker
2022-06-30 ⋅ Microsoft ⋅ Using process creation properties to catch evasion techniques
2022-05-19 ⋅ Microsoft ⋅ Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices XOR DDoS
2021-08-04 ⋅ Microsoft ⋅ Spotting brand impersonation with Swin transformers and Siamese neural networks
2021-06-14 ⋅ Microsoft ⋅ Behind the scenes of business email compromise: Using cross-domain threat data to disrupt a large BEC campaign
2021-04-01 ⋅ Microsoft ⋅ Automating threat actor tracking: Understanding attacker behavior for intelligence and contextual alerting
2021-02-11 ⋅ Microsoft ⋅ Web shell attacks continue to rise
2021-01-20 ⋅ Microsoft ⋅ Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop Cobalt Strike SUNBURST TEARDROP |
2020-12-18 ⋅ Microsoft ⋅ Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers SUNBURST SUPERNOVA TEARDROP UNC2452 |
2020-12-10 ⋅ Microsoft ⋅ Widespread malware campaign seeks to silently inject ads into search results, affects multiple browsers
2020-12-09 ⋅ Microsoft ⋅ EDR in block mode stops IcedID cold IcedID |