Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-09-14MicrosoftMicrosoft Threat Intelligence
Peach Sandstorm password spray campaigns enable intelligence collection at high-value targets
APT33
2023-09-12MicrosoftMicrosoft Threat Intelligence
Malware distributor Storm-0324 facilitates ransomware access
JSSLoader Storm-0324
2023-08-28Twitter (@MsftSecIntel)Microsoft Threat Intelligence
Tweet on AiTM phishing trends
Storm-1295
2023-08-24MicrosoftMicrosoft Threat Intelligence
Flax Typhoon using legitimate software to quietly access Taiwanese organizations
Flax Typhoon
2023-08-02MicrosoftMicrosoft Threat Intelligence
Midnight Blizzard conducts targeted social engineering over Microsoft Teams
UNC2452
2023-07-19Twitter (@MsftSecIntel)Microsoft Threat Intelligence
Tweet on targeted attacks against the defense sector in Ukraine and Eastern Europe by the threat actor Secret Blizzard
DeliveryCheck Kazuar
2023-07-14MicrosoftMicrosoft Threat Intelligence
Analysis of Storm-0558 techniques for unauthorized email access
Storm-0558
2023-06-14MicrosoftMicrosoft Threat Intelligence
Cadet Blizzard emerges as a novel and distinct Russian threat actor
p0wnyshell reGeorg WhisperGate DEV-0586 SaintBear
2023-06-08MicrosoftMicrosoft Threat Intelligence
Detecting and mitigating a multi-stage AiTM phishing and BEC campaign
Storm-1167
2023-05-24MicrosoftMicrosoft Threat Intelligence
Volt Typhoon targets US critical infrastructure with living-off-the-land techniques
Volt Typhoon
2023-04-19MicrosoftJustin Warner, Microsoft Threat Intelligence Center (MSTIC)
Exploring STRONTIUM's Abuse of Cloud Services
FusionDrive
2023-04-18MicrosoftMicrosoft Threat Intelligence
Nation-state threat actor PHOSPHORUS refines tradecraft to attack high-value targets
Drokbk
2023-04-13MicrosoftMicrosoft Threat Intelligence
Threat actors strive to cause Tax Day headaches
CloudEyE Remcos
2023-04-11MicrosoftMicrosoft Threat Intelligence
DEV-0196: QuaDream’s “KingsPawn” malware used to target civil society in Europe, North America, the Middle East, and Southeast Asia
Carmine Tsunami
2023-04-07MicrosoftMicrosoft Threat Intelligence
MERCURY and DEV-1084: Destructive attack on hybrid environment
DarkBit Storm-1084
2023-03-15MicrosoftMicrosoft Threat Intelligence
A year of Russian hybrid warfare in Ukraine
CaddyWiper DesertBlade DoubleZero HermeticWiper INDUSTROYER2 IsaacWiper PartyTicket SwiftSlicer WhisperGate
2023-03-13MicrosoftMicrosoft Threat Intelligence Center
DEV-1101 enables high-volume AiTM campaigns with open-source phishing kit
2023-02-02YouTube (SLEUTHCON)Christopher Glyer, Microsoft Threat Intelligence Center (MSTIC)
Lions, Tigers, and Infostealers - Oh my!
RecordBreaker RedLine Stealer Vidar
2022-12-15MicrosoftMicrosoft Threat Intelligence
MCCrash: Cross-platform DDoS botnet targets private Minecraft servers
DEV-1028
2022-10-27MicrosoftMicrosoft Threat Intelligence
Raspberry Robin worm part of larger ecosystem facilitating pre-ransomware activity
FAKEUPDATES BumbleBee Clop Fauppod Raspberry Robin Roshtyak Silence DEV-0950 Mustard Tempest