Malpedia Library

Click here to download all references as Bib-File.•

2021-08-10 ⋅ Intezer ⋅ Giancarlo Lezama
Fast Insights for a Microsoft-Signed Netfilter Rootkit
NetfilterRootkit

2021-08-04 ⋅ FireEye ⋅ Doug Bienstock, Josh Madeley
Cloudy with a Chance of APTNovel Microsoft 365 Attacks in the Wild

2021-08-04 ⋅ Microsoft ⋅ Microsoft 365 Defender Research Team
Spotting brand impersonation with Swin transformers and Siamese neural networks

2021-07-29 ⋅ Microsoft ⋅ Microsoft Defender Threat Intelligence
BazaCall: Phony call centers lead to exfiltration and ransomware
BazarBackdoor BazarCall

2021-07-29 ⋅ Microsoft ⋅ Microsoft 365 Defender Threat Intelligence Team
When coin miners evolve, Part 2: Hunting down LemonDuck and LemonCat attacks
Lemon Duck

2021-07-29 ⋅ Microsoft ⋅ Microsoft 365 Defender Threat Intelligence Team
BazaCall: Phony call centers lead to exfiltration and ransomware
BazarBackdoor Cobalt Strike

2021-07-27 ⋅ Palo Alto Networks Unit 42 ⋅ Alex Hinchliffe, Mike Harbison
THOR: Previously Unseen PlugX Variant Deployed During Microsoft Exchange Server Attacks by PKPLUG Group
PlugX

2021-07-24 ⋅ Twitter (@MsftSecIntel) ⋅ Microsoft Security Intelligence
Tweet on attackers increasingly using HTML smuggling in phishing and other email campaigns to deliver Casbaneiro
Metamorfo

2021-07-22 ⋅ Microsoft ⋅ Microsoft 365 Defender Threat Intelligence Team
When coin miners evolve, Part 1: Exposing LemonDuck and LemonCat, modern mining malware infrastructure
Lemon Duck

2021-07-20 ⋅ Microsoft ⋅ Microsoft Corporate Blogs
The growing threat of ransomware

2021-07-19 ⋅ Microsoft ⋅ Amy Hogan-Burney, Microsoft Digital Crimes Unit
Fighting an emerging cybercrime trend

2021-07-19 ⋅ Washington Post ⋅ Ellen Nakashima, John Hudson
U.S., allies accuse China of hacking Microsoft and condoning other cyberattacks (APT40)

2021-07-15 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Protecting customers from a private-sector offensive actor using 0-day exploits and DevilsTongue malware
Caramel Tsunami

2021-07-15 ⋅ Microsoft ⋅ Cristin Goodwin
Fighting cyberweapons built by private businesses

2021-07-15 ⋅ Microsoft ⋅ Microsoft Threat Intelligence Center (MSTIC)
Protecting customers from a private-sector offensive actor using 0-day exploits and DevilsTongue malware

2021-07-14 ⋅ Microsoft ⋅ Microsoft Threat Intelligence Center (MSTIC)
Microsoft delivers comprehensive solution to battle rise in consent phishing emails

2021-07-13 ⋅ Microsoft ⋅ Microsoft Threat Intelligence Center (MSTIC)
Microsoft discovers threat actor (DEV-0322) targeting SolarWinds Serv-U software with 0-day exploit

2021-06-28 ⋅ Vice Motherboard ⋅ Lorenzo Franceschi-Bicchierai
Hackers Tricked Microsoft Into Certifying Malware That Could Spy on Users
NetfilterRootkit

2021-06-25 ⋅ Microsoft ⋅ MSRC Team
New Nobelium activity

2021-06-25 ⋅ Microsoft ⋅ MSRC Team
Investigating and Mitigating Malicious Drivers
NetfilterRootkit