Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2024-05-15MicrosoftMicrosoft Threat Intelligence
Threat actors misusing Quick Assist in social engineering attacks leading to ransomware
Black Basta Cobalt Strike QakBot
2024-04-22MicrosoftMicrosoft Threat Intelligence
Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials
GooseEgg
2024-02-07MicrosoftMicrosoft Threat Intelligence
Iran surges cyber-enabled influence operations in support of Hamas
2024-01-25MicrosoftMicrosoft Threat Intelligence
Midnight Blizzard: Guidance for responders on nation-state attack
UNC2452
2024-01-17MicrosoftMicrosoft Threat Intelligence
New TTPs observed in Mint Sandstorm campaign targeting high-profile individuals at universities and research orgs
MediaPI
2023-12-12MicrosoftMicrosoft Threat Intelligence
Threat actors misuse OAuth applications to automate financially driven attacks
Storm-1283 Storm-1286
2023-12-07MicrosoftMicrosoft Threat Intelligence
Star Blizzard increases sophistication and evasion in ongoing attacks
Callisto
2023-12-01Twitter (@MsftSecIntel)Microsoft Threat Intelligence
Tweet on Danabot leading to cactus ransomware
Cactus DanaBot Storm-1044
2023-11-22MicrosoftMicrosoft Threat Intelligence
Diamond Sleet supply chain compromise distributes a modified CyberLink installer
LambLoad
2023-11-09MicrosoftMicrosoft Threat Intelligence
Microsoft shares threat intelligence at CYBERWARCON 2023
Blue Tsunami
2023-10-18MicrosoftMicrosoft Threat Intelligence
Multiple North Korean threat actors exploiting the TeamCity CVE-2023-42793 vulnerability
FeedLoad ForestTiger HazyLoad RollSling Silent Chollima
2023-10-13Twitter (@MsftSecIntel)Microsoft Threat Intelligence
Tweet on Storm-1575 and Dadsec phishing platform
Storm-1575
2023-10-11Twitter (@MsftSecIntel)Microsoft Threat Intelligence
Tweet on Storm-0062 exploiting CVE-2023-22515
Storm-0062
2023-09-12MicrosoftMicrosoft Threat Intelligence
Malware distributor Storm-0324 facilitates ransomware access
JSSLoader Storm-0324
2023-08-28Twitter (@MsftSecIntel)Microsoft Threat Intelligence
Tweet on AiTM phishing trends
Storm-1295
2023-08-24MicrosoftMicrosoft Threat Intelligence
Flax Typhoon using legitimate software to quietly access Taiwanese organizations
Flax Typhoon
2023-08-02MicrosoftMicrosoft Threat Intelligence
Midnight Blizzard conducts targeted social engineering over Microsoft Teams
UNC2452
2023-07-19Twitter (@MsftSecIntel)Microsoft Threat Intelligence
Tweet on targeted attacks against the defense sector in Ukraine and Eastern Europe by the threat actor Secret Blizzard
DeliveryCheck Kazuar
2023-07-14MicrosoftMicrosoft Threat Intelligence
Analysis of Storm-0558 techniques for unauthorized email access
Storm-0558
2023-06-14MicrosoftMicrosoft Threat Intelligence
Cadet Blizzard emerges as a novel and distinct Russian threat actor
p0wnyshell reGeorg WhisperGate DEV-0586 SaintBear