Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-04-13MicrosoftMicrosoft Threat Intelligence
Threat actors strive to cause Tax Day headaches
CloudEyE Remcos
2023-04-11MicrosoftMicrosoft Threat Intelligence
DEV-0196: QuaDream’s “KingsPawn” malware used to target civil society in Europe, North America, the Middle East, and Southeast Asia
Carmine Tsunami
2023-04-07MicrosoftMicrosoft Threat Intelligence
MERCURY and DEV-1084: Destructive attack on hybrid environment
DarkBit MuddyWater Storm-1084
2023-03-15MicrosoftMicrosoft Threat Intelligence
A year of Russian hybrid warfare in Ukraine
CaddyWiper DesertBlade DoubleZero HermeticWiper INDUSTROYER2 IsaacWiper PartyTicket SwiftSlicer WhisperGate
2023-03-13MicrosoftMicrosoft Threat Intelligence Center
DEV-1101 enables high-volume AiTM campaigns with open-source phishing kit
2023-02-02YouTube (SLEUTHCON)Christopher Glyer, Microsoft Threat Intelligence Center (MSTIC)
Lions, Tigers, and Infostealers - Oh my!
RecordBreaker RedLine Stealer Vidar
2022-12-15MicrosoftMicrosoft Threat Intelligence
MCCrash: Cross-platform DDoS botnet targets private Minecraft servers
DEV-1028
2022-10-27MicrosoftMicrosoft Threat Intelligence
Raspberry Robin worm part of larger ecosystem facilitating pre-ransomware activity
FAKEUPDATES BumbleBee Clop Fauppod Raspberry Robin Roshtyak Silence DEV-0950 Mustard Tempest
2022-10-10RiskIQMicrosoft Threat Intelligence Center (MSTIC)
DEV-0832 Leverages Commodity Tools in Opportunistic Ransomware Campaigns
BlackCat Mount Locker SystemBC Zeppelin
2022-09-17Twitter (@MsftSecIntel)Microsoft Threat Intelligence
Tweet on click fraud activity DEV-0796
Phlox Tempest
2022-08-25MicrosoftMicrosoft 365 Defender Research Team, Microsoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
MERCURY leveraging Log4j 2 vulnerabilities in unpatched systems to target Israeli organizations
MimiKatz
2022-08-24MicrosoftDetection and Response Team (DART), Microsoft 365 Defender Team, Microsoft Threat Intelligence Center (MSTIC)
MagicWeb: NOBELIUM’s post-compromise trick to authenticate as anyone
2022-08-15MicrosoftDigital Threat Analysis Center (DTAC), Microsoft Threat Intelligence Center (MSTIC), Office 365 Threat Research Team
Disrupting SEABORGIUM’s ongoing phishing operations
Callisto
2022-08-15MicrosoftDigital Threat Analysis Center (DTAC), Microsoft Threat Intelligence Center (MSTIC), Office 365 Threat Research Team
Disrupting SEABORGIUM’s ongoing phishing operations
2022-07-29RiskIQJordan Herman
Falling Into a Nest of Vipers or: "Why'd it have to be snakes?" (Microsoft Threat Intelligence Brief)
2022-07-27MicrosoftMicrosoft Security Response Center (MSRC), Microsoft Threat Intelligence Center (MSTIC), RiskIQ
Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits
Subzero Denim Tsunami
2022-07-14MicrosoftMicrosoft Digital Security Unit (DSU), Microsoft Threat Intelligence Center (MSTIC)
North Korean threat actor (H0lyGh0st /DEV-0530) targets small and midsize businesses with H0lyGh0st ransomware
SiennaBlue SiennaPurple Storm-0530
2022-07-12MicrosoftMicrosoft 365 Defender Research Team, Microsoft Threat Intelligence Center (MSTIC)
From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud
2022-07-05MicrosoftMicrosoft Threat Intelligence Center (MSTIC)
Hive ransomware gets upgrades in Rust
Hive
2022-06-13MicrosoftMicrosoft Threat Intelligence
The many lives of BlackCat ransomware
BlackCat Velvet Tempest