Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-12-06MicrosoftMicrosoft Digital Security Unit (DSU), Microsoft Threat Intelligence Center (MSTIC)
NICKEL targeting government organizations across Latin America and Europe
MimiKatz
2021-12-06MandiantAshraf Abdalhalim, Ben Read, Doug Bienstock, Gabriella Roncone, Jonathan Leathery, Josh Madeley, Juraj Sucik, Luis Rocha, Luke Jenkins, Manfred Erjak, Marius Fodoreanu, Microsoft Detection and Response Team (DART), Microsoft Threat Intelligence Center (MSTIC), Mitchell Clarke, Parnian Najafi, Sarah Hawley, Wojciech Ledzion
Suspected Russian Activity Targeting Government and Business Entities Around the Globe (UNC2452)
Cobalt Strike CryptBot
2021-11-29Qianxin Threat Intelligence CenterRed Raindrop Team
APT-Q-12: An intelligence espionage campaign targeting the trade industry
Unidentified 100 (APT-Q-12) APT-C-60
2021-11-19360 Threat Intelligence Centeradvanced threat research institute
It is suspected that the APT-C-55 organization used the commercial software Web Browser Password Viewer to carry out the attack
2021-11-18MicrosoftMicrosoft Digital Security Unit (DSU), Microsoft Threat Intelligence Center (MSTIC)
Iranian targeting of IT sector on the rise
MimiKatz ShellClient RAT Cuboid Sandstorm
2021-11-16MicrosoftMicrosoft Threat Intelligence Center (MSTIC)
Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021
2021-11-08MicrosoftMicrosoft Threat Intelligence Center (MSTIC)
Threat actor DEV-0322 exploiting ZOHO ManageEngine ADSelfService Plus
2021-10-25MicrosoftMicrosoft Threat Intelligence Center (MSTIC)
NOBELIUM targeting delegated administrative privileges to facilitate broader attacks
2021-10-11MicrosoftMicrosoft Digital Security Unit (DSU), Microsoft Threat Intelligence Center (MSTIC)
Iran-linked DEV-0343 targeting defense, GIS, and maritime sectors
2021-09-27MicrosoftMicrosoft Threat Intelligence Center (MSTIC), Ramin Nafisi
FoggyWeb: Targeted NOBELIUM malware leads to persistent backdoor
2021-09-15MicrosoftMicrosoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability
EXOTIC LILY
2021-09-15MicrosoftMicrosoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability
Cobalt Strike
2021-09-01360 Threat Intelligence CenterAdvanced Threat Institute
APT-C-56 (Transparent Tribe) Latest Attack Analysis and Associated Suspected Gorgon Group Attack Analysis Alert
Crimson RAT NetWire RC
2021-08-02360 Threat Intelligence CenterAdvanced Threat Institute
Operation Hunting - The latest attack by the CNC (APT-C-48) has been revealed
2021-07-27360 Threat Intelligence CenterAdvanced Threat Institute
Summary of Kimsuky's secret stealing activities in the first half of 2021
2021-07-16360 Threat Intelligence CenterAdvanced Threat Institute
APT-C-61 attacks against South Asia
2021-07-15MicrosoftMicrosoft Threat Intelligence Center (MSTIC)
Protecting customers from a private-sector offensive actor using 0-day exploits and DevilsTongue malware
2021-07-14MicrosoftMicrosoft Threat Intelligence Center (MSTIC)
Microsoft delivers comprehensive solution to battle rise in consent phishing emails
2021-07-13MicrosoftMicrosoft Threat Intelligence Center (MSTIC)
Microsoft discovers threat actor (DEV-0322) targeting SolarWinds Serv-U software with 0-day exploit
2021-07-01Anheng Threat Intelligence CenterAnheng Threat Intelligence Center
Suspected HADES organization launched an attack on Ukraine with military themes