Click here to download all references as Bib-File.•
| 2022-07-05
⋅
Microsoft
⋅
Hive ransomware gets upgrades in Rust Hive |
| 2022-06-13
⋅
Microsoft
⋅
The many lives of BlackCat ransomware BlackCat Velvet Tempest |
| 2022-06-11
⋅
Twitter (@MsftSecIntel)
⋅
Tweet on DEV-0401, DEV-0234 exploiting Confluence RCE CVE-2022-26134 Kinsing Mirai Cobalt Strike Lilac Typhoon |
| 2022-06-02
⋅
Microsoft
⋅
Exposing POLONIUM activity and infrastructure targeting Israeli organizations POLONIUM |
| 2022-05-09
⋅
Microsoft Security
⋅
Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself Griffon BazarBackdoor BlackCat BlackMatter Blister Gozi LockBit Pandora Rook SystemBC TrickBot |
| 2022-05-09
⋅
Microsoft
⋅
Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself AnchorDNS BlackCat BlackMatter Conti DarkSide HelloKitty Hive LockBit REvil FAKEUPDATES Griffon ATOMSILO BazarBackdoor BlackCat BlackMatter Blister Cobalt Strike Conti DarkSide Emotet FiveHands Gozi HelloKitty Hive IcedID ISFB JSSLoader LockBit LockFile Maze NightSky Pandora Phobos Phoenix Locker PhotoLoader QakBot REvil Rook Ryuk SystemBC TrickBot WastedLocker BRONZE STARLIGHT |
| 2022-03-22
⋅
Microsoft
⋅
DEV-0537 (UNC3661) criminal actor targeting organizations for data exfiltration and destruction RedLine Stealer LAPSUS |
| 2022-03-16
⋅
Microsoft
⋅
Uncovering Trickbot’s use of IoT devices in command-and-control infrastructure TrickBot |
| 2022-02-04
⋅
Microsoft
⋅
ACTINIUM targets Ukrainian organizations Pteranodon Gamaredon Group |
| 2022-02-04
⋅
Microsoft
⋅
ACTINIUM targets Ukrainian organizations DilongTrash DinoTrain Pteranodon QuietSieve Gamaredon Group |
| 2021-12-11
⋅
Microsoft
⋅
Guidance for preventing, detecting, and hunting for exploitation of the Log4j 2 vulnerability Khonsari NightSky BRONZE STARLIGHT |
| 2021-12-06
⋅
Microsoft
⋅
NICKEL targeting government organizations across Latin America and Europe MimiKatz |
| 2021-12-06
⋅
Mandiant
⋅
Suspected Russian Activity Targeting Government and Business Entities Around the Globe (UNC2452) Cobalt Strike CryptBot |
| 2021-11-18
⋅
Microsoft
⋅
Iranian targeting of IT sector on the rise MimiKatz ShellClient RAT Cuboid Sandstorm |
| 2021-11-16
⋅
Microsoft
⋅
Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021 APT35 Gray Sandstorm |
| 2021-11-16
⋅
Microsoft
⋅
Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021 |
| 2021-11-08
⋅
Microsoft
⋅
Threat actor DEV-0322 exploiting ZOHO ManageEngine ADSelfService Plus |
| 2021-10-25
⋅
Microsoft
⋅
NOBELIUM targeting delegated administrative privileges to facilitate broader attacks |
| 2021-10-11
⋅
Microsoft
⋅
Iran-linked DEV-0343 targeting defense, GIS, and maritime sectors |
| 2021-09-27
⋅
Microsoft
⋅
FoggyWeb: Targeted NOBELIUM malware leads to persistent backdoor |