2022-05-09 | Microsoft | Microsoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself
AnchorDNS BlackCat BlackMatter Conti DarkSide HelloKitty Hive LockBit REvil FAKEUPDATES Griffon ATOMSILO BazarBackdoor BlackCat BlackMatter Blister Cobalt Strike Conti DarkSide Emotet FiveHands Gozi HelloKitty Hive IcedID ISFB JSSLoader LockBit LockFile Maze NightSky Pandora Phobos Phoenix Locker PhotoLoader QakBot REvil Rook Ryuk SystemBC TrickBot WastedLocker BRONZE STARLIGHT
2022-05-06 | Twitter (@MsftSecIntel) | Microsoft Security Intelligence
Twitter Thread on initial infection of SocGholish/FAKEUPDATES campaigns lead to BLISTER Loader, CobaltStrike, Lockbit and followed by Hands On Keyboard activity
FAKEUPDATES Blister Cobalt Strike LockBit
2022-04-27 | Microsoft | Microsoft Digital Security Unit (DSU)
Special Report: Ukraine An overview of Russia’s cyberattack activity in Ukraine
CaddyWiper DoubleZero HermeticWiper INDUSTROYER2 IsaacWiper PartyTicket WhisperGate
2022-04-20 | Bleeping Computer | Bill Toulas
Microsoft Exchange servers hacked to deploy Hive ransomware
Babuk BlackByte Conti Hive LockFile
2022-04-13 | Microsoft | Amy Hogan-Burney
Notorious cybercrime gang’s botnet disrupted
Ryuk Zloader
2022-04-13 | Microsoft | Microsoft 365 Defender Threat Intelligence Team
Dismantling ZLoader: How malicious ads led to disabled security tools and ransomware
BlackMatter Cobalt Strike DarkSide Ryuk Zloader
2022-04-12 | Microsoft Security | Detection and Response Team (DART)
Tarrask malware uses scheduled tasks for defense evasion
Godzilla Webshell
2022-04-08 | The Hacker News | Ravie Lakshmanan
Microsoft Obtains Court Order to Take Down Domains Used to Target Ukraine
HilalRAT
2022-04-07 | Perception Point | Igal Lytzki
Revenge RAT Malware is back: From Microsoft Excel macros to Remote Access Trojan
Revenge RAT
2022-04-07 | Microsoft | Tom Burt
Disrupting cyberattacks targeting Ukraine (APT28)
2022-04-04 | Cloudsek | Anirudh Batra
Detailed Analysis of LAPSUS$ Cybercriminal Group that has Compromised Nvidia, Microsoft, Okta, and Globant
2022-03-31 | CrowdStrike | Christopher Romano, Vaishnav Murthy
Cloudy with a Chance of Unclear Mailbox Sync: CrowdStrike Services Identifies Logging Inconsistencies in Microsoft 365
2022-03-28 | Sentinel LABS | Kasif Dekel, Ronen Shustin
Pwning Microsoft Azure Defender for IoT | Multiple Flaws Allow Remote Code Execution for All
2022-03-28 | Bleeping Computer | Bill Toulas
Microsoft Exchange targeted for IcedID reply-chain hijacking attacks
IcedID
2022-03-24 | Threat Post | Nate Nelson
Microsoft Help Files Disguise Vidar Malware
Vidar
2022-03-24 | CSO Online | Jon Gold
Microsoft help files repurposed to contain Vidar malware in new campaign
Vidar
2022-03-24 | Bleeping Computer | Bill Toulas
Malicious Microsoft Excel add-ins used to deliver RAT malware
JSSLoader
2022-03-23 | SecurityAffairs | Pierluigi Paganini
It’s official, Lapsus$ gang compromised a Microsoft employee’s account
RedLine Stealer
2022-03-22 | Microsoft | Microsoft Incident Response, Microsoft Threat Intelligence
DEV-0537 criminal actor targeting organizations for data exfiltration and destruction
LAPSUS
2022-03-22 | Microsoft | Detection and Response Team (DART), Microsoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
DEV-0537 (UNC3661) criminal actor targeting organizations for data exfiltration and destruction
RedLine Stealer LAPSUS