Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-03-02Rapid7 LabsAndrew Christian
Rapid7’s InsightIDR Enables Detection And Response to Microsoft Exchange Zero-Day
CHINACHOPPER HAFNIUM
2021-03-02VolexityJosh Grunzweig, Matthew Meltzer, Sean Koessel, Steven Adair, Thomas Lancaster
Operation Exchange Marauder: Active Exploitation of Multiple Zero-Day Microsoft Exchange Vulnerabilities
CHINACHOPPER HAFNIUM
2021-03-02MicrosoftMicrosoft 365 Defender Threat Intelligence Team, Microsoft 365 Security, Microsoft Threat Intelligence Center (MSTIC)
HAFNIUM targeting Exchange Servers with 0-day exploits
CHINACHOPPER HAFNIUM
2021-03-02Github (microsoft)Microsoft
Microsoft-365-Defender-Hunting-Queries for hunting Gootkit malware delivery and C2
GootKit
2021-03-02Twitter (@MsftSecIntel)Microsoft Security Intelligence
Tweet on Gootkit malware campaign
GootKit
2021-03-02MicrosoftMicrosoft Threat Intelligence Center (MSTIC)
HAFNIUM targeting Exchange Servers with 0-day exploits
PowerCat
2021-03-01MicrosoftMicrosoft
Detect and defend against the recent nation-state cyber attack
SUNBURST
2021-02-25MicrosoftMicrosoft
CodeQL queries to hunt for Solorigate activity
SUNBURST
2021-02-25MicrosoftMicrosoft Identity Security Team
Microsoft open sources CodeQL queries used to hunt for Solorigate activity
SUNBURST
2021-02-18MicrosoftMSRC Team
Microsoft Internal Solorigate Investigation – Final Update
2021-02-12InfoSec Handlers Diary BlogXavier Mertens
AgentTesla Dropped Through Automatic Click in Microsoft Help File
Agent Tesla
2021-02-11MicrosoftDetection and Response Team (DART), Microsoft 365 Defender Research Team
Web shell attacks continue to rise
2021-02-09Medium (@alex.birsan)Alex Birsan
Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies
2021-02-09MicrosoftMicrosoft
3 Ways to Mitigate Risk When Using Private Package Feeds
2021-02-09MicrosoftMSRC Team
Windows Win32k Elevation of Privilege Vulnerability CVE-2021-1732 (exploited ITW)
2021-02-09MicrosoftMSRC Team
Multiple Security Updates Affecting TCP/IP:  CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086
2021-02-05Bleeping ComputerSergiu Gatlan
Microsoft warns of increasing OAuth Office 365 phishing attacks
2021-02-02Click All the Things! BlogJamie
XLSB: Analyzing a Microsoft Excel Binary Spreadsheet
2021-02-01MicrosoftMicrosoft 365 Defender Threat Intelligence Team
What tracking an attacker email infrastructure tells us about persistent cybercriminal operations
Dridex Emotet Makop Ransomware SmokeLoader TrickBot
2021-01-28YouTube (Microsoft Security Community)Microsoft
Microsoft 365 Defender webinar: Protect, Detect, and Respond to Solorigate using M365 Defender
SUNBURST