Click here to download all references as Bib-File.•
| 2022-08-25
⋅
Microsoft
⋅
MERCURY leveraging Log4j 2 vulnerabilities in unpatched systems to target Israeli organizations MimiKatz |
| 2022-06-13
⋅
Microsoft
⋅
The many lives of BlackCat ransomware BlackCat |
| 2022-05-09
⋅
Microsoft Security
⋅
Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself Griffon BazarBackdoor BlackCat BlackMatter Blister Gozi LockBit Pandora Rook SystemBC TrickBot |
| 2022-05-09
⋅
Microsoft
⋅
Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself AnchorDNS BlackCat BlackMatter Conti DarkSide HelloKitty Hive LockBit REvil FAKEUPDATES Griffon ATOMSILO BazarBackdoor BlackCat BlackMatter Blister Cobalt Strike Conti DarkSide Emotet FiveHands Gozi HelloKitty Hive IcedID ISFB JSSLoader LockBit LockFile Maze NightSky Pandora Phobos Phoenix Locker PhotoLoader QakBot REvil Rook Ryuk SystemBC TrickBot WastedLocker BRONZE STARLIGHT |
| 2022-04-13
⋅
Microsoft
⋅
Dismantling ZLoader: How malicious ads led to disabled security tools and ransomware BlackMatter Cobalt Strike DarkSide Ryuk Zloader |
| 2022-03-22
⋅
Microsoft
⋅
DEV-0537 (UNC3661) criminal actor targeting organizations for data exfiltration and destruction RedLine Stealer LAPSUS |
| 2022-02-02
⋅
Microsoft
⋅
The evolution of a Mac trojan: UpdateAgent’s progression UpdateAgent |
| 2022-01-18
⋅
Microsoft
⋅
Evolved phishing: Device registration trick adds to phishers’ toolbox for victims without MFA WhisperGate |
| 2022-01-15
⋅
Microsoft
⋅
Destructive malware targeting Ukrainian organizations (DEV-0586) WhisperGate DEV-0586 |
| 2021-12-11
⋅
Microsoft
⋅
Guidance for preventing, detecting, and hunting for exploitation of the Log4j 2 vulnerability Khonsari NightSky BRONZE STARLIGHT |
| 2021-12-09
⋅
Microsoft
⋅
A closer look at Qakbot’s latest building blocks (and how to knock them down) QakBot |
| 2021-11-11
⋅
Microsoft
⋅
HTML smuggling surges: Highly evasive loader technique increasingly used in banking malware, targeted attacks AsyncRAT Mekotio NjRAT |
| 2021-10-21
⋅
Microsoft
⋅
Franken-phish: TodayZoo built from other phishing kits |
| 2021-09-21
⋅
Microsoft
⋅
Catching the big fish: Analyzing a large-scale phishing-as-a-service operation |
| 2021-09-15
⋅
Microsoft
⋅
Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability EXOTIC LILY |
| 2021-09-15
⋅
Microsoft
⋅
Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability Cobalt Strike |
| 2021-08-26
⋅
Microsoft
⋅
Widespread credential phishing campaign abuses open redirector links |
| 2021-07-29
⋅
Microsoft
⋅
When coin miners evolve, Part 2: Hunting down LemonDuck and LemonCat attacks Lemon Duck |
| 2021-07-29
⋅
Microsoft
⋅
BazaCall: Phony call centers lead to exfiltration and ransomware BazarBackdoor Cobalt Strike |
| 2021-07-22
⋅
Microsoft
⋅
When coin miners evolve, Part 1: Exposing LemonDuck and LemonCat, modern mining malware infrastructure Lemon Duck |