Click here to download all references as Bib-File.•
| 2024-12-11
⋅
Microsoft
⋅
Frequent freeloader part II: Russian actor Secret Blizzard using tools of other groups to attack Ukraine Amadey Kazuar Wipbot FlyingYeti |
| 2024-12-04
⋅
Microsoft
⋅
Frequent freeloader part I: Secret Blizzard compromising Storm-0156 infrastructure for espionage Crimson RAT MiniPocket TwoDash Wainscot Operation C-Major Storm-0473 |
| 2024-11-22
⋅
Microsoft
⋅
Microsoft shares latest intelligence on North Korean and Chinese threat actors at CYBERWARCON Storm-2077 |
| 2024-11-09
⋅
Youtube (Microsoft Security Response Center (MSRC))
⋅
BlueHat 2024: S17: MSTIC - A Threat Intelligence Year in Review Storm-0506 TA2101 |
| 2024-11-09
⋅
Microsoft
⋅
BlueHat 2024: S17: MSTIC - A Threat Intelligence Year in Review Storm-0826 |
| 2024-10-31
⋅
Microsoft
⋅
Chinese threat actor Storm-0940 uses credentials from password spray attacks from a covert network Storm-0940 |
| 2024-10-29
⋅
Microsoft
⋅
Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files |
| 2024-10-17
⋅
Microsoft Security
⋅
New macOS vulnerability, “HM Surf”, could lead to unauthorized data access |
| 2024-10-15
⋅
⋅
Weixin
⋅
Analysis of the attack activities of APT-C-35 (belly brain worm) against a manufacturing company in South Asia Unidentified 117 (Donot Loader) |
| 2024-10-12
⋅
Qianxin
⋅
Bitter Group Launches New Trojan Miyarat, Domestic Users Become Primary Ttargets MiyaRAT |
| 2024-10-09
⋅
Recorded Future
⋅
Outmaneuvering Rhysida: How Advanced Threat Intelligence Shields Critical Infrastructure from Ransomware Broomstick Rhysida |
| 2024-09-26
⋅
Microsoft
⋅
Storm-0501: Ransomware attacks expanding to hybrid cloud environments Storm-0501 |
| 2024-08-30
⋅
Microsoft
⋅
North Korean threat actor Citrine Sleet exploiting Chromium zero-day FudModule Lazarus Group |
| 2024-08-18
⋅
Anchored Narratives on Threat Intelligence and Geopolitics
⋅
Reversing DISGOMOJI with Malcat like a BOSS DISGOMOJI |
| 2024-07-05
⋅
⋅
Weixin
⋅
APT-C-26 (Lazarus) uses PyPI to attack Windows, Linux, and macOS platforms SimpleTea SimpleTea |
| 2024-06-17
⋅
Checkpoint
⋅
17th June – Threat Intelligence Report Sp1d3r UNC5537 |
| 2024-06-05
⋅
Symantec
⋅
RansomHub: New Ransomware has Origins in Older Knight Knight RansomHub RansomHub |
| 2024-05-28
⋅
Microsoft
⋅
Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks splitloader |
| 2024-05-15
⋅
Microsoft
⋅
Threat actors misusing Quick Assist in social engineering attacks leading to ransomware Black Basta Cobalt Strike QakBot SystemBC |
| 2024-05-15
⋅
Microsoft
⋅
Threat actors misusing Quick Assist in social engineering attacks leading to ransomware Black Basta Cobalt Strike QakBot UNC4393 |