Malpedia Library

Click here to download all references as Bib-File.•

2021-07-19 ⋅ Washington Post ⋅ Ellen Nakashima, John Hudson
U.S., allies accuse China of hacking Microsoft and condoning other cyberattacks (APT40)

2021-07-15 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Protecting customers from a private-sector offensive actor using 0-day exploits and DevilsTongue malware
DevilsTongue Caramel Tsunami

2021-07-15 ⋅ Microsoft ⋅ Cristin Goodwin
Fighting cyberweapons built by private businesses

2021-07-15 ⋅ Microsoft ⋅ Microsoft Threat Intelligence Center (MSTIC)
Protecting customers from a private-sector offensive actor using 0-day exploits and DevilsTongue malware

2021-07-14 ⋅ Microsoft ⋅ Microsoft Threat Intelligence Center (MSTIC)
Microsoft delivers comprehensive solution to battle rise in consent phishing emails

2021-07-13 ⋅ Microsoft ⋅ Microsoft Threat Intelligence Center (MSTIC)
Microsoft discovers threat actor (DEV-0322) targeting SolarWinds Serv-U software with 0-day exploit

2021-06-28 ⋅ Vice Motherboard ⋅ Lorenzo Franceschi-Bicchierai
Hackers Tricked Microsoft Into Certifying Malware That Could Spy on Users
NetfilterRootkit

2021-06-25 ⋅ Microsoft ⋅ MSRC Team
New Nobelium activity

2021-06-25 ⋅ Microsoft ⋅ MSRC Team
Investigating and Mitigating Malicious Drivers
NetfilterRootkit

2021-06-25 ⋅ Gdata ⋅ Florian Roth, Johann Aydinbas, Karsten Hahn, Takahiro Haruyama
Microsoft signed a malicious Netfilter rootkit
NetfilterRootkit

2021-06-17 ⋅ struppigel ⋅ Karsten Hahn
Tweet on Network filter rootkit driver signed by Microsoft

2021-06-14 ⋅ Microsoft ⋅ Microsoft 365 Defender Research Team, Microsoft Threat Intelligence Center (MSTIC)
Behind the scenes of business email compromise: Using cross-domain threat data to disrupt a large BEC campaign

2021-06-11 ⋅ Twitter (@MsftSecIntel) ⋅ Microsoft Security Intelligence
Tweet on solarmarker/Jupyter malware
solarmarker

2021-06-08 ⋅ Microsoft ⋅ Yossi Weizman
New large-scale campaign targets Kubeflow

2021-06-08 ⋅ The Record ⋅ Catalin Cimpanu
Microsoft patches six Windows zero-days, including a commercial exploit

2021-06-01 ⋅ Microsoft ⋅ Microsoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
New sophisticated email-based attack from NOBELIUM
Cobalt Strike

2021-05-30 ⋅ Microsoft ⋅ Tom Burt
Defend and deter

2021-05-28 ⋅ Microsoft ⋅ Microsoft Threat Intelligence Center (MSTIC)
Breaking down NOBELIUM’s latest early-stage toolset
BOOMBOX Cobalt Strike

2021-05-27 ⋅ Microsoft ⋅ Tom Burt
Another Nobelium Cyberattack

2021-05-21 ⋅ ⋅ LAC ⋅ Yoshihiro Ishikawa
Targeted attack by 'Cobalt Strike loader' that exploits Microsoft's digital signature-Attacker group APT41
Cobalt Strike DUSTPAN