Click here to download all references as Bib-File.•
| 2021-12-06
⋅
Microsoft
⋅
NICKEL targeting government organizations across Latin America and Europe MimiKatz |
| 2021-12-06
⋅
Mandiant
⋅
Suspected Russian Activity Targeting Government and Business Entities Around the Globe (UNC2452) Cobalt Strike CryptBot |
| 2021-11-18
⋅
Microsoft
⋅
Iranian targeting of IT sector on the rise MimiKatz ShellClient RAT Cuboid Sandstorm |
| 2021-11-16
⋅
Microsoft
⋅
Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021 |
| 2021-11-08
⋅
Microsoft
⋅
Threat actor DEV-0322 exploiting ZOHO ManageEngine ADSelfService Plus |
| 2021-10-25
⋅
Microsoft
⋅
NOBELIUM targeting delegated administrative privileges to facilitate broader attacks |
| 2021-10-11
⋅
Microsoft
⋅
Iran-linked DEV-0343 targeting defense, GIS, and maritime sectors |
| 2021-09-27
⋅
Microsoft
⋅
FoggyWeb: Targeted NOBELIUM malware leads to persistent backdoor |
| 2021-09-15
⋅
Microsoft
⋅
Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability EXOTIC LILY |
| 2021-09-15
⋅
Microsoft
⋅
Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability Cobalt Strike |
| 2021-07-15
⋅
Microsoft
⋅
Protecting customers from a private-sector offensive actor using 0-day exploits and DevilsTongue malware |
| 2021-07-14
⋅
Microsoft
⋅
Microsoft delivers comprehensive solution to battle rise in consent phishing emails |
| 2021-07-13
⋅
Microsoft
⋅
Microsoft discovers threat actor (DEV-0322) targeting SolarWinds Serv-U software with 0-day exploit |
| 2021-06-14
⋅
Microsoft
⋅
Behind the scenes of business email compromise: Using cross-domain threat data to disrupt a large BEC campaign |
| 2021-06-01
⋅
Microsoft
⋅
New sophisticated email-based attack from NOBELIUM Cobalt Strike |
| 2021-05-28
⋅
Microsoft
⋅
Breaking down NOBELIUM’s latest early-stage toolset BOOMBOX Cobalt Strike |
| 2021-03-04
⋅
Microsoft
⋅
GoldMax, GoldFinder, and Sibot: Analyzing NOBELIUM’s layered persistence SUNBURST TEARDROP UNC2452 |
| 2021-03-02
⋅
Microsoft
⋅
HAFNIUM targeting Exchange Servers with 0-day exploits CHINACHOPPER HAFNIUM |
| 2021-03-02
⋅
Microsoft
⋅
HAFNIUM targeting Exchange Servers with 0-day exploits PowerCat |
| 2021-01-28
⋅
Microsoft
⋅
ZINC attacks against security researchers ComeBacker Klackring |
| 2021-01-20
⋅
Microsoft
⋅
Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop Cobalt Strike SUNBURST TEARDROP |
| 2020-12-18
⋅
Microsoft
⋅
Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers SUNBURST SUPERNOVA TEARDROP UNC2452 |
| 2020-11-30
⋅
Microsoft
⋅
Threat actor (BISMUTH) leverages coin miner techniques to stay under the radar – here’s how to spot them Cobalt Strike |
| 2020-09-10
⋅
Microsoft
⋅
STRONTIUM: Detecting new patterns in credential harvesting APT28 |
| 2019-12-12
⋅
Microsoft
⋅
GALLIUM: Targeting global telecom CHINACHOPPER Ghost RAT HTran MimiKatz Poison Ivy GALLIUM |