Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-05-11Twitter (@MsftSecIntel)Microsoft Security Intelligence
Tweet on Snip3 crypter delivering AsyncRAT or AgentTesla
Agent Tesla AsyncRAT
2021-05-07Cisco TalosAndrew Windsor, Caitlin Huey, Edmund Brumaghin
Lemon Duck spreads its wings: Actors target Microsoft Exchange servers, incorporate new TTPs
CHINACHOPPER Cobalt Strike Lemon Duck
2021-05-07Cisco TalosAndrew Windsor, Caitlin Huey, Edmund Brumaghin
Lemon Duck spreads its wings: Actors target Microsoft Exchange servers, incorporate new TTPs
CHINACHOPPER Cobalt Strike Lemon Duck
2021-05-07Cisco TalosAndrew Windsor, Caitlin Huey, Edmund Brumaghin
Lemon Duck spreads its wings: Actors target Microsoft Exchange servers, incorporate new TTPs
CHINACHOPPER Cobalt Strike Lemon Duck
2021-05-07SophosLabs UncutRajesh Nataraj
New Lemon Duck variants exploiting Microsoft Exchange Server
CHINACHOPPER Cobalt Strike Lemon Duck
2021-05-07MicrosoftMicrosoft
Human operated ransomware
2021-04-26Medium testbnullMin-Chang Jang
Microsoft Exchange From Deserialization to Post-Auth RCE (CVE-2021–28482)
2021-04-22CybereasonLior Rochberger
Prometei Botnet Exploiting Microsoft Exchange Vulnerabilities
Prometei Prometei
2021-04-20Bleeping ComputerLawrence Abrams
Fake Microsoft Store, Spotify sites spread info-stealing malware
Ficker Stealer
2021-04-19CERT NZCERT NZ
Microsoft 365 phishing using fake voicemail messages
2021-04-16Trend MicroNitesh Surana
Could the Microsoft Exchange breach be stopped?
CHINACHOPPER
2021-04-16Associated PressFrank Bajak, Matt O'Brien
Sanctioned Russian IT firm was partner with Microsoft, IBM
2021-04-16Associated PressFrank Bajak, Matt O'Brien
Sanctioned Russian IT firm was partner with Microsoft, IBM
2021-04-16Zero DayKim Zetter
Sanctioned Firm Accused of Helping Russian Intelligence Was Part of Microsoft’s Early Vuln Access Program — MAPP
2021-04-15Palo Alto Networks Unit 42Robert Falcone
Actor Exploits Microsoft Exchange Server Vulnerabilities, Cortex XDR Blocks Harvesting of Credentials
CHINACHOPPER
2021-04-13Department of JusticeDepartment of Justice
Justice Department announces court-authorized effort to disrupt exploitation of Microsoft Exchange Server vulnerabilities
2021-04-09MicrosoftEmily Hacker, Justin Carroll, Microsoft 365 Defender Threat Intelligence Team
Investigating a unique “form” of email delivery for IcedID malware
IcedID
2021-04-09MicrosoftEmily Hacker, Justin Carroll, Microsoft 365 Defender Threat Intelligence Team
Investigating a unique “form” of email delivery for IcedID malware
IcedID
2021-04-09MicrosoftEmily Hacker, Justin Carroll, Microsoft 365 Defender Threat Intelligence Team
Investigating a unique “form” of email delivery for IcedID malware
IcedID
2021-04-01MicrosoftCole Sodja, Joshua Neil, Justin Carroll, Melissa Turcotte, Microsoft 365 Defender Research Team
Automating threat actor tracking: Understanding attacker behavior for intelligence and contextual alerting