Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2024-01-17MicrosoftMicrosoft Threat Intelligence
New TTPs observed in Mint Sandstorm campaign targeting high-profile individuals at universities and research orgs
MediaPI
2023-12-30Rewterz Information SecurityRewterz Information Security
Rewterz Threat Alert – Widely Abused MSIX App Installer Disabled by Microsoft – Active IOCs
EugenLoader POWERTRASH BATLOADER DarkGate FlawedGrace NetSupportManager RAT SectopRAT Storm-0506
2023-12-30Rewterz Information SecurityRewterz Information Security
Rewterz Threat Alert – Widely Abused MSIX App Installer Disabled by Microsoft – Active IOCs
HijackLoader Storm-1674
2023-12-29Security BoulevardWajahat Raja
Microsoft Storm-1152 Crackdown: Stopping Threat Actors
Storm-1152
2023-12-18Rewterz Information SecurityRewterz Information Security
Rewterz Threat Update – Microsoft Warns of Emerging Threat by Storm-0539 Behind Gift Card Frauds
Storm-0539 Storm-1152
2023-12-18BridewellJoshua Penny
Analysing a Widespread Microsoft 365 Credential Harvesting Campaign
Storm-1575
2023-12-13Trend MicroAprilyn Borja, Catherine Loveria, Gabriel Nicoleta, Jovit Samaniego
Vishing via Microsoft Teams Facilitates DarkGate Malware Intrusion
DarkGate
2023-12-13MicrosoftAmy Hogan-Burney
Disrupting the gateway services to cybercrime
Storm-1152
2023-12-12MicrosoftMicrosoft Threat Intelligence
Threat actors misuse OAuth applications to automate financially driven attacks
Storm-1283 Storm-1286
2023-12-07MicrosoftClint Watts
Russian influence and cyber operations adapt for long haul and exploit war fatigue
Storm-1099
2023-12-07MicrosoftMicrosoft Threat Intelligence
Star Blizzard increases sophistication and evasion in ongoing attacks
Callisto
2023-12-01Twitter (@MsftSecIntel)Microsoft Threat Intelligence
Tweet about Storm-1044 and Storm-0216, Danabot leading to Cactus ransomware
Cactus DanaBot TA2101
2023-12-01MicrosoftHeike Ritter
Monthly news - December 2023
Pearl Sleet
2023-12-01Twitter (@MsftSecIntel)Microsoft Threat Intelligence
Tweet on Danabot leading to cactus ransomware
Cactus DanaBot Storm-1044
2023-11-22MicrosoftMicrosoft Threat Intelligence
Diamond Sleet supply chain compromise distributes a modified CyberLink installer
LambLoad
2023-11-09MicrosoftMicrosoft Threat Intelligence
Microsoft shares threat intelligence at CYBERWARCON 2023
Blue Tsunami
2023-11-02MicrosoftHeike Ritter
Monthly news - November 2023
Storm-0539
2023-11-02MicrosoftHeike Ritter
Monthly news - November 2023
Storm-0062
2023-10-18MicrosoftMicrosoft Threat Intelligence
Multiple North Korean threat actors exploiting the TeamCity CVE-2023-42793 vulnerability
FeedLoad ForestTiger HazyLoad RollSling Silent Chollima
2023-10-13Twitter (@MsftSecIntel)Microsoft Threat Intelligence
Tweet on Storm-1575 and Dadsec phishing platform
Storm-1575