Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-01-12AhnLabASEC Analysis Team
Magniber Ransomware Being Distributed via Microsoft Edge and Google Chrome
Magniber
2022-01-12NetskopeGustavo Palazolo
Abusing Microsoft Office Using Malicious Web Archive Files
2022-01-05Check PointGolan Cohen
Can You Trust a File’s Digital Signature? New Zloader Campaign exploits Microsoft’s Signature Verification putting users at risk
Zloader
2022-01-04MicrosoftMicrosoft Detection and Response Team (DART)
Leveraging the Power of KQL in Incident Response
2021-12-11MicrosoftMicrosoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
Guidance for preventing, detecting, and hunting for exploitation of the Log4j 2 vulnerability
Khonsari NightSky BRONZE STARLIGHT
2021-12-09MicrosoftMicrosoft 365 Defender Threat Intelligence Team
A closer look at Qakbot’s latest building blocks (and how to knock them down)
QakBot
2021-12-06MicrosoftTom Burt
Protecting people from recent cyberattacks
2021-12-06Notice of PleadingsMicrosoft
Complaint filed by Microsoft against NICKEL/APT15
MimiKatz
2021-12-06MicrosoftMicrosoft Digital Security Unit (DSU), Microsoft Threat Intelligence Center (MSTIC)
NICKEL targeting government organizations across Latin America and Europe
MimiKatz
2021-12-06MandiantAshraf Abdalhalim, Ben Read, Doug Bienstock, Gabriella Roncone, Jonathan Leathery, Josh Madeley, Juraj Sucik, Luis Rocha, Luke Jenkins, Manfred Erjak, Marius Fodoreanu, Microsoft Detection and Response Team (DART), Microsoft Threat Intelligence Center (MSTIC), Mitchell Clarke, Parnian Najafi, Sarah Hawley, Wojciech Ledzion
Suspected Russian Activity Targeting Government and Business Entities Around the Globe (UNC2452)
Cobalt Strike CryptBot
2021-12-02MicrosoftMicrosoft Threat Experts
Structured threat hunting: One way Microsoft Threat Experts prioritizes customer defense
2021-11-24safebreachTomer Bar
New PowerShortShell Stealer Exploits Recent Microsoft MSHTML Vulnerability to Spy on Farsi Speakers
PowerShortShell
2021-11-18MicrosoftMicrosoft Digital Security Unit (DSU), Microsoft Threat Intelligence Center (MSTIC)
Iranian targeting of IT sector on the rise
MimiKatz ShellClient RAT Cuboid Sandstorm
2021-11-17CISAAustralian Cyber Security Centre (ACSC), CISA, FBI, NCSC UK
Alert (AA21-321A): Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities
2021-11-17MicrosoftPete Bryan
Creating your first Microsoft Sentinel Notebook
2021-11-16MicrosoftMicrosoft Threat Intelligence
Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021
APT35 Gray Sandstorm
2021-11-16MicrosoftMicrosoft Threat Intelligence Center (MSTIC)
Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021
2021-11-11MicrosoftMicrosoft 365 Defender Threat Intelligence Team
HTML smuggling surges: Highly evasive loader technique increasingly used in banking malware, targeted attacks
AsyncRAT Mekotio NjRAT
2021-11-10MicrosoftJohn Lambert
The hunt for NOBELIUM, the most sophisticated nation-state attack in history
2021-11-08MicrosoftMicrosoft Threat Intelligence Center (MSTIC)
Threat actor DEV-0322 exploiting ZOHO ManageEngine ADSelfService Plus