Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-05-28MicrosoftMicrosoft Threat Intelligence Center (MSTIC)
Breaking down NOBELIUM’s latest early-stage toolset
BOOMBOX Cobalt Strike
2021-05-27MicrosoftTom Burt
Another Nobelium Cyberattack
2021-05-21LACYoshihiro Ishikawa
Targeted attack by 'Cobalt Strike loader' that exploits Microsoft's digital signature-Attacker group APT41
Cobalt Strike DUSTPAN
2021-05-21blackarrowPablo Ambite
Leveraging Microsoft Teams to persist and cover up Cobalt Strike traffic
Cobalt Strike
2021-05-20MicrosoftMicrosoft 365 Defender Threat Intelligence Team
Phorpiex morphs: How a longstanding botnet persists and thrives in the current threat environment
Phorpiex
2021-05-20Github (microsoft)Microsoft
Microsoft 365 Defender Hunting Queries for hunting multiple threat actors' TTPs and malwares
STRRAT OceanLotus BabyShark Elise Revenge RAT WastedLocker Zebrocy
2021-05-20Twitter (@MsftSecIntel)Microsoft Security Intelligence
Tweet on Java-based STRRAT malware campaign distributed via email
STRRAT
2021-05-12MicrosoftMicrosoft
Incident response playbooks
2021-05-11Twitter (@MsftSecIntel)Microsoft Security Intelligence
Tweet on Snip3 crypter delivering AsyncRAT or AgentTesla
Agent Tesla AsyncRAT
2021-05-07Cisco TalosAndrew Windsor, Caitlin Huey, Edmund Brumaghin
Lemon Duck spreads its wings: Actors target Microsoft Exchange servers, incorporate new TTPs
CHINACHOPPER Cobalt Strike Lemon Duck
2021-05-07SophosLabs UncutRajesh Nataraj
New Lemon Duck variants exploiting Microsoft Exchange Server
CHINACHOPPER Cobalt Strike Lemon Duck
2021-05-07MicrosoftMicrosoft
Human operated ransomware
2021-04-26Medium testbnullMin-Chang Jang
Microsoft Exchange From Deserialization to Post-Auth RCE (CVE-2021–28482)
2021-04-22CybereasonLior Rochberger
Prometei Botnet Exploiting Microsoft Exchange Vulnerabilities
Prometei Prometei
2021-04-20Bleeping ComputerLawrence Abrams
Fake Microsoft Store, Spotify sites spread info-stealing malware
Ficker Stealer
2021-04-19CERT NZCERT NZ
Microsoft 365 phishing using fake voicemail messages
2021-04-16Trend MicroNitesh Surana
Could the Microsoft Exchange breach be stopped?
CHINACHOPPER
2021-04-16Associated PressFrank Bajak, Matt O'Brien
Sanctioned Russian IT firm was partner with Microsoft, IBM
2021-04-16Zero DayKim Zetter
Sanctioned Firm Accused of Helping Russian Intelligence Was Part of Microsoft’s Early Vuln Access Program — MAPP
2021-04-15Palo Alto Networks Unit 42Robert Falcone
Actor Exploits Microsoft Exchange Server Vulnerabilities, Cortex XDR Blocks Harvesting of Credentials
CHINACHOPPER