Click here to download all references as Bib-File.•
| 2022-07-14
⋅
Microsoft
⋅
North Korean threat actor (H0lyGh0st /DEV-0530) targets small and midsize businesses with H0lyGh0st ransomware SiennaBlue SiennaPurple Storm-0530 |
| 2022-07-12
⋅
Microsoft
⋅
From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud |
| 2022-07-05
⋅
Microsoft
⋅
Hive ransomware gets upgrades in Rust Hive |
| 2022-06-13
⋅
Microsoft
⋅
The many lives of BlackCat ransomware BlackCat Velvet Tempest |
| 2022-06-11
⋅
Twitter (@MsftSecIntel)
⋅
Tweet on DEV-0401, DEV-0234 exploiting Confluence RCE CVE-2022-26134 Kinsing Mirai Cobalt Strike Lilac Typhoon |
| 2022-06-02
⋅
Microsoft
⋅
Exposing POLONIUM activity and infrastructure targeting Israeli organizations POLONIUM |
| 2022-05-09
⋅
Microsoft Security
⋅
Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself Griffon BazarBackdoor BlackCat BlackMatter Blister Gozi LockBit Pandora Rook SystemBC TrickBot |
| 2022-05-09
⋅
Microsoft
⋅
Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself AnchorDNS BlackCat BlackMatter Conti DarkSide HelloKitty Hive LockBit REvil FAKEUPDATES Griffon ATOMSILO BazarBackdoor BlackCat BlackMatter Blister Cobalt Strike Conti DarkSide Emotet FiveHands Gozi HelloKitty Hive IcedID ISFB JSSLoader LockBit LockFile Maze NightSky Pandora Phobos Phoenix Locker PhotoLoader QakBot REvil Rook Ryuk SystemBC TrickBot WastedLocker BRONZE STARLIGHT |
| 2022-03-22
⋅
Microsoft
⋅
DEV-0537 criminal actor targeting organizations for data exfiltration and destruction LAPSUS |
| 2022-03-22
⋅
Microsoft
⋅
DEV-0537 (UNC3661) criminal actor targeting organizations for data exfiltration and destruction RedLine Stealer LAPSUS |
| 2022-03-16
⋅
Microsoft
⋅
Uncovering Trickbot’s use of IoT devices in command-and-control infrastructure TrickBot |
| 2022-02-04
⋅
Microsoft
⋅
ACTINIUM targets Ukrainian organizations Pteranodon Gamaredon Group |
| 2022-02-04
⋅
Microsoft
⋅
ACTINIUM targets Ukrainian organizations DilongTrash DinoTrain Pteranodon QuietSieve Gamaredon Group |
| 2021-12-11
⋅
Microsoft
⋅
Guidance for preventing, detecting, and hunting for exploitation of the Log4j 2 vulnerability Khonsari NightSky BRONZE STARLIGHT |
| 2021-12-06
⋅
Microsoft
⋅
NICKEL targeting government organizations across Latin America and Europe MimiKatz |
| 2021-12-06
⋅
Mandiant
⋅
Suspected Russian Activity Targeting Government and Business Entities Around the Globe (UNC2452) Cobalt Strike CryptBot |
| 2021-11-18
⋅
Microsoft
⋅
Iranian targeting of IT sector on the rise MimiKatz ShellClient RAT Cuboid Sandstorm |
| 2021-11-16
⋅
Microsoft
⋅
Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021 APT35 Gray Sandstorm |
| 2021-11-16
⋅
Microsoft
⋅
Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021 |
| 2021-11-08
⋅
Microsoft
⋅
Threat actor DEV-0322 exploiting ZOHO ManageEngine ADSelfService Plus |