2022-09-22 | Microsoft | Microsoft 365 Defender Research Team
Malicious OAuth applications used to compromise email servers and spread spam
2022-09-21 | Microsoft | Abhishek Pustakala, Harshita Tripathi, Microsoft 365 Defender Research Team, Shivang Desai
Rewards plus: Fake mobile banking rewards apps lure users to install info-stealing RAT on Android devices
2022-08-25 | Microsoft | Microsoft 365 Defender Research Team, Microsoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
MERCURY leveraging Log4j 2 vulnerabilities in unpatched systems to target Israeli organizations
MimiKatz
2022-08-18 | Microsoft | Amitrajit Banerjee, Andrea Lelli, Microsoft 365 Defender Research Team, Suriyaraj Natarajan
Hardware-based threat defense against increasingly complex cryptojackers
2022-07-26 | Microsoft | Microsoft 365 Defender Research Team
Malicious IIS extensions quietly open persistent backdoors into servers
CHINACHOPPER MimiKatz
2022-07-13 | Microsoft | Jonathan Bar Or, Microsoft 365 Defender Research Team
Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706
2022-07-12 | Microsoft | Microsoft 365 Defender Research Team, Microsoft Threat Intelligence Center (MSTIC)
From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud
2022-06-30 | Microsoft | Amir Kutcher, Microsoft 365 Defender Research Team, Philip Tsukerman, Tomer Cabouly
Using process creation properties to catch evasion techniques
2022-06-30 | Microsoft | Microsoft 365 Defender Research Team
Toll fraud malware: How an Android application can drain your wallet
Joker
2022-05-19 | Microsoft | Microsoft 365 Defender Research Team
Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices
XOR DDoS
2021-08-04 | Microsoft | Microsoft 365 Defender Research Team
Spotting brand impersonation with Swin transformers and Siamese neural networks
2021-06-14 | Microsoft | Microsoft 365 Defender Research Team, Microsoft Threat Intelligence Center (MSTIC)
Behind the scenes of business email compromise: Using cross-domain threat data to disrupt a large BEC campaign
2021-04-01 | Microsoft | Cole Sodja, Joshua Neil, Justin Carroll, Melissa Turcotte, Microsoft 365 Defender Research Team
Automating threat actor tracking: Understanding attacker behavior for intelligence and contextual alerting
2021-02-11 | Microsoft | Detection and Response Team (DART), Microsoft 365 Defender Research Team
Web shell attacks continue to rise
2021-01-20 | Microsoft | Microsoft 365 Defender Research Team, Microsoft Cyber Defense Operations Center (CDOC), Microsoft Threat Intelligence Center (MSTIC)
Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop
Cobalt Strike SUNBURST TEARDROP
2020-12-18 | Microsoft | Microsoft 365 Defender Research Team, Microsoft Threat Intelligence Center (MSTIC)
Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers
SUNBURST SUPERNOVA TEARDROP UNC2452
2020-12-10 | Microsoft | Microsoft 365 Defender Research Team
Widespread malware campaign seeks to silently inject ads into search results, affects multiple browsers
2020-12-09 | Microsoft | Microsoft 365 Defender Research Team
EDR in block mode stops IcedID cold
IcedID