2022-08-24 | Microsoft | Detection and Response Team (DART), Microsoft 365 Defender Team, Microsoft Threat Intelligence Center (MSTIC)
MagicWeb: NOBELIUM’s post-compromise trick to authenticate as anyone
2022-08-18 | DomainTools | DomainTools Research
A Sticky Situation Part 2
2022-08-15 | Microsoft | Digital Threat Analysis Center (DTAC), Microsoft Threat Intelligence Center (MSTIC), Office 365 Threat Research Team
Disrupting SEABORGIUM’s ongoing phishing operations
Callisto
2022-08-15 | Weixin | Know Chuangyu
Analysis of the characteristics of new activities organized by Patchwork APT in South Asia
2022-07-27 | Microsoft | Microsoft Security Response Center (MSRC), Microsoft Threat Intelligence Center (MSTIC), RiskIQ
Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits
Subzero Denim Tsunami
2022-07-27 | Elastic | Andrew Pease, Cyril François, Seth Goodwin
Exploring the QBOT Attack Pattern
QakBot
2022-07-27 | Elastic | Cyril François, Derek Ditch
QBOT Configuration Extractor
QakBot
2022-07-25 | Kaspersky | GReAT
CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit
2022-07-14 | Microsoft | Microsoft Digital Security Unit (DSU), Microsoft Threat Intelligence Center (MSTIC)
North Korean threat actor (H0lyGh0st /DEV-0530) targets small and midsize businesses with H0lyGh0st ransomware
SiennaBlue SiennaPurple Storm-0530
2022-07-12 | Microsoft | Microsoft 365 Defender Research Team, Microsoft Threat Intelligence Center (MSTIC)
From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud
2022-07-05 | Microsoft | Microsoft Threat Intelligence Center (MSTIC)
Hive ransomware gets upgrades in Rust
Hive
2022-06-29 | Team Cymru | S2 Research Team
The Sliding Scale of Threat Actor Sophistication When Reacting to 0-day Vulnerabilities
2022-06-02 | Microsoft | Microsoft Digital Security Unit (DSU), Microsoft Threat Intelligence Center (MSTIC)
Exposing POLONIUM activity and infrastructure targeting Israeli organizations
POLONIUM
2022-06-01 | Elastic | Andrew Pease, Daniel Stepanic, Derek Ditch, Salim Bitam, Seth Goodwin
CUBA Ransomware Campaign Analysis
Cobalt Strike Cuba Meterpreter MimiKatz SystemBC
2022-06-01 | Elastic | Salim Bitam
CUBA Ransomware Malware Analysis
Cuba
2022-06-01 | Fortinet | Fred Gutierrez, James Slaughter, Shunichi Imano
CVE-2022-30190: Microsoft Support Diagnostic Tool (MSDT) RCE Vulnerability “Follina”
turian
2022-05-17 | Elastic | Alex Bell, Colson Wilhoit, Jake King, Rhys Rustad-Elliott
A peek behind the BPFDoor
BPFDoor
2022-05-16 | Department of Justice
Hacker and Ransomware Designer Charged for Use and Sale of Ransomware, and Profit Sharing Arrangements with Cybercriminals (APPLICATION FOR AN ARREST WARRANT)
Hakbit
2022-05-12 | Cloudsek | Anandeshwar Unnikrishnan
Technical Analysis of Emerging, Sophisticated Pandora Ransomware Group
Pandora