| Date | Organization | Title | Tags |
|---|---|---|---|
| 2021-06-01 | Microsoft | New sophisticated email-based attack from NOBELIUM | Cobalt Strike |
| 2021-05-28 | Microsoft | Breaking down NOBELIUM’s latest early-stage toolset | BOOMBOX, Cobalt Strike |
| 2021-03-04 | Microsoft | GoldMax, GoldFinder, and Sibot: Analyzing NOBELIUM’s layered persistence | SUNBURST, TEARDROP, UNC2452 |
| 2021-03-02 | Microsoft | HAFNIUM targeting Exchange Servers with 0-day exploits | CHINACHOPPER, HAFNIUM |
| 2021-03-02 | Microsoft | HAFNIUM targeting Exchange Servers with 0-day exploits | PowerCat |
| 2021-01-28 | Microsoft | ZINC attacks against security researchers | ComeBacker, Klackring |
| 2021-01-20 | Microsoft | Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop | Cobalt Strike, SUNBURST, TEARDROP |
| 2020-12-18 | Microsoft | Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers | SUNBURST, SUPERNOVA, TEARDROP, UNC2452 |
| 2020-11-30 | Microsoft | Threat actor (BISMUTH) leverages coin miner techniques to stay under the radar – here’s how to spot them | Cobalt Strike |
| 2020-09-10 | Microsoft | STRONTIUM: Detecting new patterns in credential harvesting | APT28 |
| 2019-12-12 | Microsoft | GALLIUM: Targeting global telecom | CHINACHOPPER, Ghost RAT, HTran, MimiKatz, Poison Ivy, GALLIUM |