Click here to download all references as Bib-File.•
| 2022-12-15
⋅
Microsoft
⋅
MCCrash: Cross-platform DDoS botnet targets private Minecraft servers DEV-1028 |
| 2022-10-27
⋅
Microsoft
⋅
Raspberry Robin worm part of larger ecosystem facilitating pre-ransomware activity FAKEUPDATES BumbleBee Clop Fauppod Raspberry Robin Roshtyak Silence DEV-0950 Mustard Tempest |
| 2022-10-10
⋅
RiskIQ
⋅
DEV-0832 Leverages Commodity Tools in Opportunistic Ransomware Campaigns BlackCat Mount Locker SystemBC Zeppelin |
| 2022-09-17
⋅
Twitter (@MsftSecIntel)
⋅
Tweet on click fraud activity DEV-0796 Phlox Tempest |
| 2022-08-25
⋅
Microsoft
⋅
MERCURY leveraging Log4j 2 vulnerabilities in unpatched systems to target Israeli organizations MimiKatz |
| 2022-08-24
⋅
Microsoft
⋅
MagicWeb: NOBELIUM’s post-compromise trick to authenticate as anyone |
| 2022-08-15
⋅
Microsoft
⋅
Disrupting SEABORGIUM’s ongoing phishing operations Callisto |
| 2022-08-15
⋅
Microsoft
⋅
Disrupting SEABORGIUM’s ongoing phishing operations |
| 2022-07-29
⋅
RiskIQ
⋅
Falling Into a Nest of Vipers or: "Why'd it have to be snakes?" (Microsoft Threat Intelligence Brief) |
| 2022-07-27
⋅
Microsoft
⋅
Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits Subzero Denim Tsunami |
| 2022-07-14
⋅
Microsoft
⋅
North Korean threat actor (H0lyGh0st /DEV-0530) targets small and midsize businesses with H0lyGh0st ransomware SiennaBlue SiennaPurple Storm-0530 |
| 2022-07-12
⋅
Microsoft
⋅
From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud |
| 2022-07-05
⋅
Microsoft
⋅
Hive ransomware gets upgrades in Rust Hive |
| 2022-06-13
⋅
Microsoft
⋅
The many lives of BlackCat ransomware BlackCat Velvet Tempest |
| 2022-06-11
⋅
Twitter (@MsftSecIntel)
⋅
Tweet on DEV-0401, DEV-0234 exploiting Confluence RCE CVE-2022-26134 Kinsing Mirai Cobalt Strike Lilac Typhoon |
| 2022-06-02
⋅
Microsoft
⋅
Exposing POLONIUM activity and infrastructure targeting Israeli organizations POLONIUM |
| 2022-05-09
⋅
Microsoft Security
⋅
Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself Griffon BazarBackdoor BlackCat BlackMatter Blister Gozi LockBit Pandora Rook SystemBC TrickBot |
| 2022-05-09
⋅
Microsoft
⋅
Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself AnchorDNS BlackCat BlackMatter Conti DarkSide HelloKitty Hive LockBit REvil FAKEUPDATES Griffon ATOMSILO BazarBackdoor BlackCat BlackMatter Blister Cobalt Strike Conti DarkSide Emotet FiveHands Gozi HelloKitty Hive IcedID ISFB JSSLoader LockBit LockFile Maze NightSky Pandora Phobos Phoenix Locker PhotoLoader QakBot REvil Rook Ryuk SystemBC TrickBot WastedLocker BRONZE STARLIGHT |
| 2022-03-22
⋅
Microsoft
⋅
DEV-0537 (UNC3661) criminal actor targeting organizations for data exfiltration and destruction RedLine Stealer LAPSUS |
| 2022-03-16
⋅
Microsoft
⋅
Uncovering Trickbot’s use of IoT devices in command-and-control infrastructure TrickBot |