Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-07-14MicrosoftMicrosoft Threat Intelligence Center (MSTIC)
Microsoft delivers comprehensive solution to battle rise in consent phishing emails
2021-07-13MicrosoftMicrosoft Threat Intelligence Center (MSTIC)
Microsoft discovers threat actor (DEV-0322) targeting SolarWinds Serv-U software with 0-day exploit
2021-07-01Anheng Threat Intelligence CenterAnheng Threat Intelligence Center
Suspected HADES organization launched an attack on Ukraine with military themes
2021-06-15360 Threat Intelligence Center360 Fiberhome Laboratory
PJobRAT: Spyware targeting Indian military personnel
PjobRAT
2021-06-14MicrosoftMicrosoft 365 Defender Research Team, Microsoft Threat Intelligence Center (MSTIC)
Behind the scenes of business email compromise: Using cross-domain threat data to disrupt a large BEC campaign
2021-06-11TencentThe Tencent Security Threat Intelligence Center
Tencent Security Report: Purple Fox virus maliciously attacks SQL server and spreads like a worm
PurpleFox
2021-06-01MicrosoftMicrosoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
New sophisticated email-based attack from NOBELIUM
Cobalt Strike
2021-06-01Rising Threat Intelligence CenterRising Threat Intelligence Center
Rising warning: APT organizes Lazarus Group to launch an attack on China
2021-05-28MicrosoftMicrosoft Threat Intelligence Center (MSTIC)
Breaking down NOBELIUM’s latest early-stage toolset
BOOMBOX Cobalt Strike
2021-05-10Anheng Threat Intelligence CenterHunting Shadow Lab
Analysis of U.S. Oil Products Pipeline Operators Suspended by Ransomware Attacks
DarkSide
2021-04-20360 Threat Intelligence CenterAdvanced Threat Institute
Transparent Tribe uses the new crown vaccine hotspot to analyze the targeted attacks on the Indian medical industry
Crimson RAT
2021-03-04MicrosoftAndrea Lelli, Microsoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC), Ramin Nafisi
GoldMax, GoldFinder, and Sibot: Analyzing NOBELIUM’s layered persistence
SUNBURST TEARDROP UNC2452
2021-03-02MicrosoftMicrosoft 365 Defender Threat Intelligence Team, Microsoft 365 Security, Microsoft Threat Intelligence Center (MSTIC)
HAFNIUM targeting Exchange Servers with 0-day exploits
CHINACHOPPER HAFNIUM
2021-03-02MicrosoftMicrosoft Threat Intelligence Center (MSTIC)
HAFNIUM targeting Exchange Servers with 0-day exploits
PowerCat
2021-02-10Anheng Threat Intelligence CenterHunting Shadow Lab
Windows kernel zero-day exploit (CVE-2021-1732) is used by BITTER APT in targeted attack
2021-01-28MicrosoftMicrosoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
ZINC attacks against security researchers
ComeBacker Klackring
2021-01-26360 Threat Intelligence CenterAdvanced Threat Institute
Shell Break-Lazarus (APT-C-26) organized targeted attacks against security researchers to reveal the secret
2021-01-26Anheng Threat Intelligence CenterHunting Shadow Lab
Undefeated, hackers use Visual Studio compiler features to target binary vulnerabilities security researcher
2021-01-21360 Threat Intelligence CenterAdvanced Threat Institute
Disclosure of Manling Flower Organization (APT-C-08) using Warzone RAT attack
Ave Maria
2021-01-20MicrosoftMicrosoft 365 Defender Research Team, Microsoft Cyber Defense Operations Center (CDOC), Microsoft Threat Intelligence Center (MSTIC)
Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop
Cobalt Strike SUNBURST TEARDROP