Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2024-10-03US Court for the District of ColumbiaUS Court for the District of Columbia
Civil Action No. 1:24-cv-02719-RC: Microsoft vs. Star Blizzard
Callisto
2024-09-26MicrosoftMicrosoft Threat Intelligence
Storm-0501: Ransomware attacks expanding to hybrid cloud environments
Storm-0501
2024-09-18Twitter (@MsftSecIntel)Microsoft
Tweet about threat actor Vanilla Tempest
INC GootLoader Storm-0494
2024-08-30MicrosoftMicrosoft Threat Intelligence
North Korean threat actor Citrine Sleet exploiting Chromium zero-day
FudModule Lazarus Group
2024-08-14cocomelonccocomelonc
Malware development: persistence - part 26. Microsoft Edge - part 1. Simple C example.
2024-07-29MicrosoftCharles-Edouard Bettan, Danielle Kuznets Nohi, Edan Zwick, Meitar Pinto, Vaibhav Deshmukh
Ransomware operators exploit ESXi hypervisor vulnerability for mass encryption
Black Basta Black Basta Storm-0506
2024-06-21ElasticJoe Desimone, Samir Bousseaden
GrimResource - Microsoft Management Console for initial access and evasion
Cobalt Strike
2024-06-02MicrosoftClint Watts
How Russia is trying to disrupt the 2024 Paris Olympic Games
Storm-1679
2024-05-28MicrosoftMicrosoft Threat Intelligence
Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks
splitloader
2024-05-15MicrosoftMicrosoft Threat Intelligence
Threat actors misusing Quick Assist in social engineering attacks leading to ransomware
Black Basta Cobalt Strike QakBot SystemBC
2024-05-15MicrosoftMicrosoft Threat Intelligence
Threat actors misusing Quick Assist in social engineering attacks leading to ransomware
Black Basta Cobalt Strike QakBot UNC4393
2024-05-01MicrosoftDimitrios Valsamaras
“Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps
2024-04-25MicrosoftMicrosoft Incident Response Team
Guidance for Incident Responders
2024-04-22MicrosoftMicrosoft Threat Intelligence
Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials
GooseEgg
2024-04-17MicrosoftClint Watts, Microsoft Threat Analysis Center (MTAC)
Russian US election interference targets support for Ukraine after slow start
2024-04-17MicrosoftMicrosoft Threat Analysis Center (MTAC)
Nation-states engage in US-focused influence operations ahead of US presidential election
2024-04-17MicrosoftHagai Ran Kestenberg, Yossi Weizman
Attackers exploiting new critical OpenMetadata vulnerabilities on Kubernetes clusters
2024-04-13cyber5wcyber5w, M4lcode
Analysis of malicious Microsoft office macros
AsyncRAT Ave Maria
2024-04-11MicrosoftMark Russinovich
How Microsoft discovers and mitigates evolving attacks against AI guardrails
2024-04-04MicrosoftClint Watts, Microsoft Threat Analysis Center (MTAC)
China tests US voter fault lines and ramps AI content to boost its geopolitical interests