Click here to download all references as Bib-File.•
2023-09-14
⋅
Microsoft
⋅
Peach Sandstorm password spray campaigns enable intelligence collection at high-value targets APT33 |
2023-09-12
⋅
Microsoft
⋅
Malware distributor Storm-0324 facilitates ransomware access JSSLoader Storm-0324 |
2023-08-28
⋅
Twitter (@MsftSecIntel)
⋅
Tweet on AiTM phishing trends Storm-1295 |
2023-08-24
⋅
Microsoft
⋅
Flax Typhoon using legitimate software to quietly access Taiwanese organizations Flax Typhoon |
2023-08-02
⋅
Microsoft
⋅
Midnight Blizzard conducts targeted social engineering over Microsoft Teams UNC2452 |
2023-07-19
⋅
Twitter (@MsftSecIntel)
⋅
Tweet on targeted attacks against the defense sector in Ukraine and Eastern Europe by the threat actor Secret Blizzard DeliveryCheck Kazuar |
2023-07-14
⋅
Microsoft
⋅
Analysis of Storm-0558 techniques for unauthorized email access Storm-0558 |
2023-06-14
⋅
Microsoft
⋅
Cadet Blizzard emerges as a novel and distinct Russian threat actor p0wnyshell reGeorg WhisperGate DEV-0586 SaintBear |
2023-06-08
⋅
Microsoft
⋅
Detecting and mitigating a multi-stage AiTM phishing and BEC campaign Storm-1167 |
2023-05-24
⋅
Microsoft
⋅
Volt Typhoon targets US critical infrastructure with living-off-the-land techniques Volt Typhoon |
2023-04-19
⋅
Microsoft
⋅
Exploring STRONTIUM's Abuse of Cloud Services FusionDrive |
2023-04-18
⋅
Microsoft
⋅
Nation-state threat actor PHOSPHORUS refines tradecraft to attack high-value targets Drokbk |
2023-04-13
⋅
Microsoft
⋅
Threat actors strive to cause Tax Day headaches CloudEyE Remcos |
2023-04-11
⋅
Microsoft
⋅
DEV-0196: QuaDream’s “KingsPawn” malware used to target civil society in Europe, North America, the Middle East, and Southeast Asia Carmine Tsunami |
2023-04-07
⋅
Microsoft
⋅
MERCURY and DEV-1084: Destructive attack on hybrid environment DarkBit Storm-1084 |
2023-03-15
⋅
Microsoft
⋅
A year of Russian hybrid warfare in Ukraine CaddyWiper DesertBlade DoubleZero HermeticWiper INDUSTROYER2 IsaacWiper PartyTicket SwiftSlicer WhisperGate |
2023-03-13
⋅
Microsoft
⋅
DEV-1101 enables high-volume AiTM campaigns with open-source phishing kit |
2023-02-02
⋅
YouTube (SLEUTHCON)
⋅
Lions, Tigers, and Infostealers - Oh my! RecordBreaker RedLine Stealer Vidar |
2022-12-15
⋅
Microsoft
⋅
MCCrash: Cross-platform DDoS botnet targets private Minecraft servers DEV-1028 |
2022-10-27
⋅
Microsoft
⋅
Raspberry Robin worm part of larger ecosystem facilitating pre-ransomware activity FAKEUPDATES BumbleBee Clop Fauppod Raspberry Robin Roshtyak Silence DEV-0950 Mustard Tempest |