Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-09-15MicrosoftMicrosoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability
Cobalt Strike
2021-09-07Bleeping ComputerIonut Ilascu
Microsoft shares temp fix for ongoing Office 365 zero-day attacks ( CVE-2021-40444)
2021-09-03FireEyeAdrian Sanchez Hernandez, Alex Pennino, Andrew Rector, Brendan McKeague, Govand Sinjari, Harris Ansari, John Wolfram, Joshua Goddard, Yash Gupta
PST, Want a Shell? ProxyShell Exploiting Microsoft Exchange Servers
CHINACHOPPER HTran
2021-09-02MicrosoftMicrosoft Offensive Research & Security Engineering team
A deep-dive into the SolarWinds Serv-U SSH vulnerability (DEV-0322)
2021-08-30zero day initiativeSimon Zuckerbraun
ProxyToken: An Authentication Bypass in Microsoft Exchange Server
2021-08-26nprDina Temple-Raston
China's Microsoft Hack May Have Had A Bigger Purpose Than Just Spying
2021-08-26CrowdStrikeYaron Zinar
NTLM Keeps Haunting Microsoft
2021-08-26MicrosoftMicrosoft 365 Defender Threat Intelligence Team
Widespread credential phishing campaign abuses open redirector links
2021-08-25Cybleinccybleinc
​LockFile Ransomware: Exploiting Microsoft Exchange Vulnerabilities Using ProxyShell
LockFile
2021-08-23Sophos SecOpsGreg Iddon
ProxyShell vulnerabilities in Microsoft Exchange: What to do
LockFile
2021-08-19MicrosoftDavid Atch, Gil Regev, Ross Bevington
How to proactively defend against Mozi IoT botnet
Mozi
2021-08-19Huntress LabsJohn Hammond
Microsoft Exchange Servers Still Vulnerable to ProxyShell Exploit
2021-08-10IntezerGiancarlo Lezama
Fast Insights for a Microsoft-Signed Netfilter Rootkit
NetfilterRootkit
2021-08-04FireEyeDoug Bienstock, Josh Madeley
Cloudy with a Chance of APTNovel Microsoft 365 Attacks in the Wild
2021-08-04MicrosoftMicrosoft 365 Defender Research Team
Spotting brand impersonation with Swin transformers and Siamese neural networks
2021-07-29MicrosoftMicrosoft Defender Threat Intelligence
BazaCall: Phony call centers lead to exfiltration and ransomware
BazarBackdoor BazarCall
2021-07-29MicrosoftMicrosoft 365 Defender Threat Intelligence Team
When coin miners evolve, Part 2: Hunting down LemonDuck and LemonCat attacks
Lemon Duck
2021-07-29MicrosoftMicrosoft 365 Defender Threat Intelligence Team
BazaCall: Phony call centers lead to exfiltration and ransomware
BazarBackdoor Cobalt Strike
2021-07-27Palo Alto Networks Unit 42Alex Hinchliffe, Mike Harbison
THOR: Previously Unseen PlugX Variant Deployed During Microsoft Exchange Server Attacks by PKPLUG Group
PlugX
2021-07-24Twitter (@MsftSecIntel)Microsoft Security Intelligence
Tweet on attackers increasingly using HTML smuggling in phishing and other email campaigns to deliver Casbaneiro
Metamorfo