Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2024-02-07MicrosoftMicrosoft Threat Intelligence
Iran surges cyber-enabled influence operations in support of Hamas
2024-01-30AT&T CybersecurityPeter Boyle
DarkGate malware delivered via Microsoft Teams - detection and response
DarkGate
2024-01-26Ars TechnicaDan Goodin
The life and times of Cozy Bear, the Russian hackers who just hit Microsoft and HPE
2024-01-25MicrosoftMicrosoft Threat Intelligence
Midnight Blizzard: Guidance for responders on nation-state attack
UNC2452
2024-01-19MicrosoftMSRC Team
Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard
2024-01-17MicrosoftMicrosoft Threat Intelligence
New TTPs observed in Mint Sandstorm campaign targeting high-profile individuals at universities and research orgs
MediaPI
2023-12-30Rewterz Information SecurityRewterz Information Security
Rewterz Threat Alert – Widely Abused MSIX App Installer Disabled by Microsoft – Active IOCs
HijackLoader Storm-1674
2023-12-29Security BoulevardWajahat Raja
Microsoft Storm-1152 Crackdown: Stopping Threat Actors
Storm-1152
2023-12-18Rewterz Information SecurityRewterz Information Security
Rewterz Threat Update – Microsoft Warns of Emerging Threat by Storm-0539 Behind Gift Card Frauds
Storm-0539 Storm-1152
2023-12-18BridewellJoshua Penny
Analysing a Widespread Microsoft 365 Credential Harvesting Campaign
Storm-1575
2023-12-13MicrosoftAmy Hogan-Burney
Disrupting the gateway services to cybercrime
Storm-1152
2023-12-12MicrosoftMicrosoft Threat Intelligence
Threat actors misuse OAuth applications to automate financially driven attacks
Storm-1283 Storm-1286
2023-12-07MicrosoftClint Watts
Russian influence and cyber operations adapt for long haul and exploit war fatigue
Storm-1099
2023-12-07MicrosoftMicrosoft Threat Intelligence
Star Blizzard increases sophistication and evasion in ongoing attacks
Callisto
2023-12-01MicrosoftHeike Ritter
Monthly news - December 2023
Pearl Sleet
2023-12-01Twitter (@MsftSecIntel)Microsoft Threat Intelligence
Tweet on Danabot leading to cactus ransomware
Cactus DanaBot Storm-1044
2023-11-22MicrosoftMicrosoft Threat Intelligence
Diamond Sleet supply chain compromise distributes a modified CyberLink installer
LambLoad
2023-11-09MicrosoftMicrosoft Threat Intelligence
Microsoft shares threat intelligence at CYBERWARCON 2023
Blue Tsunami
2023-11-02MicrosoftHeike Ritter
Monthly news - November 2023
Storm-0539
2023-11-02MicrosoftHeike Ritter
Monthly news - November 2023
Storm-0062