Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-09-06TRUESECJakob Nordenlund
DarkGate Loader Malware Delivered via Microsoft Teams
DarkGate
2023-09-01MicrosoftMicrosoft Threat Analysis Center (MTAC)
Russia’s influence networks in Sahel activated after coups
2023-08-28MicrosoftKirtar
Defender Experts Chronicles: A Deep Dive into Storm-0867
Storm-0867
2023-08-28Twitter (@MsftSecIntel)Microsoft Threat Intelligence
Tweet on AiTM phishing trends
Storm-1295
2023-08-24MicrosoftMicrosoft Threat Intelligence
Flax Typhoon using legitimate software to quietly access Taiwanese organizations
Flax Typhoon
2023-08-02MicrosoftMicrosoft Threat Intelligence
Midnight Blizzard conducts targeted social engineering over Microsoft Teams
UNC2452
2023-07-19Twitter (@MsftSecIntel)Microsoft Threat Intelligence
Tweet on targeted attacks against the defense sector in Ukraine and Eastern Europe by the threat actor Secret Blizzard
DeliveryCheck Kazuar
2023-07-14MicrosoftMicrosoft Threat Intelligence
Analysis of Storm-0558 techniques for unauthorized email access
Storm-0558
2023-07-12FortinetCara Lin
LokiBot Campaign Targets Microsoft Office Document Using Vulnerabilities and Macros
Loki Password Stealer (PWS)
2023-07-11MicrosoftMicrosoft
Storm-0978 attacks reveal financial and espionage motives
ROMCOM RAT
2023-07-06MicrosoftMicrosoft Incident Response
The five-day job: A BlackByte ransomware intrusion case study
BlackByte ExByte
2023-06-30MicrosoftHeike Ritter
Monthly news - July 2023
Storm-1295
2023-06-14MicrosoftMicrosoft Threat Intelligence
Cadet Blizzard emerges as a novel and distinct Russian threat actor
p0wnyshell reGeorg WhisperGate DEV-0586 SaintBear
2023-06-08MicrosoftMicrosoft Threat Intelligence
Detecting and mitigating a multi-stage AiTM phishing and BEC campaign
Storm-1167
2023-05-24MicrosoftMicrosoft Threat Intelligence
Volt Typhoon targets US critical infrastructure with living-off-the-land techniques
Volt Typhoon
2023-04-19MicrosoftJustin Warner, Microsoft Threat Intelligence Center (MSTIC)
Exploring STRONTIUM's Abuse of Cloud Services
FusionDrive
2023-04-18MicrosoftMicrosoft Threat Intelligence
Nation-state threat actor PHOSPHORUS refines tradecraft to attack high-value targets
Drokbk
2023-04-18MicrosoftDaniel Simpson, Dianne Gali, Stacyrch140
How Microsoft names threat actors
2023-04-13MicrosoftMicrosoft Threat Intelligence
Threat actors strive to cause Tax Day headaches
CloudEyE Remcos
2023-04-11MicrosoftMicrosoft Threat Intelligence
DEV-0196: QuaDream’s “KingsPawn” malware used to target civil society in Europe, North America, the Middle East, and Southeast Asia
Carmine Tsunami