Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-03-16MicrosoftMSRC Team
Guidance for responders: Investigating and remediating on-premises Exchange Server vulnerabilities
2021-03-15Team CymruJosh Hopkins
FIN8: BADHATCH Threat Indicator Enrichmen
BADHATCH
2021-03-10ProofpointDennis Schwarz, Matthew Mesa, Proofpoint Threat Research Team
NimzaLoader: TA800’s New Initial Access Malware
BazarNimrod Cobalt Strike
2021-03-09splunkSecurity Research Team
Cloud Federated Credential Abuse & Cobalt Strike: Threat Research February 2021
Cobalt Strike
2021-03-09MicrosoftMSRC Team
Microsoft Exchange Server Vulnerabilities Mitigations – updated March 9, 2021
HAFNIUM
2021-03-08SymantecThreat Hunter Team
How Symantec Stops Microsoft Exchange Server Attacks
CHINACHOPPER MimiKatz
2021-03-08SecureworksCounter Threat Unit ResearchTeam
SUPERNOVA Web Shell Deployment Linked to SPIRAL Threat Group
SUPERNOVA BRONZE SPIRAL
2021-03-06Blue Team BlogAuth 0r
Microsoft Exchange Zero Day’s – Mitigations and Detections.
2021-03-04CrowdStrikeThe Falcon Complete Team
Falcon Complete Stops Microsoft Exchange Server Zero-Day Exploits
CHINACHOPPER HAFNIUM
2021-03-04MicrosoftAndrea Lelli, Microsoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC), Ramin Nafisi
GoldMax, GoldFinder, and Sibot: Analyzing NOBELIUM’s layered persistence
SUNBURST TEARDROP UNC2452
2021-03-04WMC GlobalWMC Global Threat Intelligence Team
The Compact Campaign
2021-03-03DubexDubex Incident Response Team
Please leave an exploit after the beep
2021-03-02Metabase QJesus Dominguez, Ocelot Offensive Security Team
Ploutus is back, targeting Itautec ATMs in Latin America
Ploutus ATM
2021-03-02MicrosoftMSRC Team
Multiple Security Updates Released for Exchange Server – updated March 8, 2021
HAFNIUM
2021-03-02MicrosoftMicrosoft 365 Defender Threat Intelligence Team, Microsoft 365 Security, Microsoft Threat Intelligence Center (MSTIC)
HAFNIUM targeting Exchange Servers with 0-day exploits
CHINACHOPPER HAFNIUM
2021-02-25MicrosoftMicrosoft Identity Security Team
Microsoft open sources CodeQL queries used to hunt for Solorigate activity
SUNBURST
2021-02-25ProofpointMichael Raggi, Proofpoint Threat Research Team
TA413 Leverages New FriarFox Browser Extension to Target the Gmail Accounts of Global Tibetan Organizations
scanbox Sepulcher Lucky Cat
2021-02-20MalpediaMalpedia
Malpedia Website for Malware Family Team TNT
TeamTNT TeamTNT
2021-02-18SymantecThreat Hunter Team
Lazarus: Three North Koreans Charged for Financially Motivated Attacks
AppleJeus POOLRAT Unidentified macOS 001 (UnionCryptoTrader) AppleJeus Unidentified 077 (Lazarus Downloader)
2021-02-18MicrosoftMSRC Team
Microsoft Internal Solorigate Investigation – Final Update