Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-06-23InQuestPedram Amini
Follina, the Latest in a Long Chain of Microsoft Office Exploits
2022-06-21BleepingComputerSergiu Gatlan
Microsoft Exchange servers hacked by new ToddyCat APT gang
ToddyCat
2022-06-16ESET ResearchRene Holt
How Emotet is changing tactics in response to Microsoft’s tightening of Office macro security
Emotet
2022-06-13MicrosoftMicrosoft Threat Intelligence
The many lives of BlackCat ransomware
BlackCat Velvet Tempest
2022-06-13MicrosoftMicrosoft 365 Defender Threat Intelligence Team
The many lives of BlackCat ransomware
BlackCat
2022-06-11Twitter (@MsftSecIntel)Microsoft Threat Intelligence
Tweet on DEV-0401, DEV-0234 exploiting Confluence RCE CVE-2022-26134
Kinsing Mirai Cobalt Strike Lilac Typhoon
2022-06-03TrustwaveTrustwave SpiderLabs
Trustwave's Action Response: Microsoft zero-day CVE-2022-30190 (aka Follina)
2022-06-02MicrosoftMicrosoft Digital Security Unit (DSU), Microsoft Threat Intelligence Center (MSTIC)
Exposing POLONIUM activity and infrastructure targeting Israeli organizations
POLONIUM
2022-06-02MicrosoftMicrosoft Digital Crimes Unit
Complaint filed by Microsoft Digital Crimes Unit against BOHRIUM, a Iranian threat actor
2022-06-01FortinetFred Gutierrez, James Slaughter, Shunichi Imano
CVE-2022-30190: Microsoft Support Diagnostic Tool (MSDT) RCE Vulnerability “Follina”
turian
2022-05-24Deep instinctBar Block
Blame the Messenger: 4 Types of Dropper Malware in Microsoft Office & How to Detect Them
Dridex Emotet
2022-05-22Bleeping ComputerBill Toulas
PDF smuggles Microsoft Word doc to drop Snake Keylogger malware
404 Keylogger
2022-05-19MicrosoftMicrosoft 365 Defender Research Team
Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices
XOR DDoS
2022-05-17Microsoft SecurityBerman Enconado, Laurie Kirk
In hot pursuit of ‘cryware’: Defending hot wallets from attacks
Mars Stealer RedLine Stealer
2022-05-09Microsoft SecurityMicrosoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center
Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself
Griffon BazarBackdoor BlackCat BlackMatter Blister Gozi LockBit Pandora Rook SystemBC TrickBot
2022-05-09MicrosoftMicrosoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself
AnchorDNS BlackCat BlackMatter Conti DarkSide HelloKitty Hive LockBit REvil FAKEUPDATES Griffon ATOMSILO BazarBackdoor BlackCat BlackMatter Blister Cobalt Strike Conti DarkSide Emotet FiveHands Gozi HelloKitty Hive IcedID ISFB JSSLoader LockBit LockFile Maze NightSky Pandora Phobos Phoenix Locker PhotoLoader QakBot REvil Rook Ryuk SystemBC TrickBot WastedLocker BRONZE STARLIGHT
2022-05-06Twitter (@MsftSecIntel)Microsoft Security Intelligence
Twitter Thread on initial infeciton of SocGholish/ FAKEUPDATES campaigns lead to BLISTER Loader, CobaltStrike, Lockbit and followed by Hands On Keyboard activity
FAKEUPDATES Blister Cobalt Strike LockBit
2022-04-27MicrosoftMicrosoft Digital Security Unit (DSU)
Special Report: Ukraine An overview of Russia’s cyberattack activity in Ukraine
CaddyWiper DoubleZero HermeticWiper INDUSTROYER2 IsaacWiper PartyTicket WhisperGate
2022-04-20Bleeping ComputerBill Toulas
Microsoft Exchange servers hacked to deploy Hive ransomware
Babuk BlackByte Conti Hive LockFile
2022-04-13MicrosoftAmy Hogan-Burney
Notorious cybercrime gang’s botnet disrupted
Ryuk Zloader