Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-07-29RiskIQJordan Herman
Falling Into a Nest of Vipers or: "Why'd it have to be snakes?" (Microsoft Threat Intelligence Brief)
2022-07-28SentinelOneJames Haughom, Julien Reisdorffer, Júlio Dantas
Living Off Windows Defender | LockBit Ransomware Sideloads Cobalt Strike Through Microsoft Security Tool
Cobalt Strike LockBit
2022-07-27MicrosoftMicrosoft Security Response Center (MSRC), Microsoft Threat Intelligence Center (MSTIC), RiskIQ
Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits
Subzero Denim Tsunami
2022-07-26MicrosoftMicrosoft 365 Defender Research Team
Malicious IIS extensions quietly open persistent backdoors into servers
CHINACHOPPER MimiKatz
2022-07-14MicrosoftMicrosoft Digital Security Unit (DSU), Microsoft Threat Intelligence Center (MSTIC)
North Korean threat actor (H0lyGh0st /DEV-0530) targets small and midsize businesses with H0lyGh0st ransomware
SiennaBlue SiennaPurple Storm-0530
2022-07-13MicrosoftJonathan Bar Or, Microsoft 365 Defender Research Team
Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706
2022-07-12MicrosoftMicrosoft 365 Defender Research Team, Microsoft Threat Intelligence Center (MSTIC)
From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud
2022-07-06Trend MicroBren Matthew Ebriega, Ivan Nicole Chavez, Joshua Paul Ignacio, Monte de Jesus, Nathaniel Morales
Brand-New HavanaCrypt Ransomware Poses as Google Software Update App, Uses Microsoft Hosting Service IP Address as C&C Server
HavanaCrypt
2022-07-05MicrosoftMicrosoft Threat Intelligence Center (MSTIC)
Hive ransomware gets upgrades in Rust
Hive
2022-06-30MicrosoftAmir Kutcher, Microsoft 365 Defender Research Team, Philip Tsukerman, Tomer Cabouly
Using process creation properties to catch evasion techniques
2022-06-30MicrosoftMicrosoft 365 Defender Research Team
Toll fraud malware: How an Android application can drain your wallet
Joker
2022-06-27NetskopeGustavo Palazolo
Emotet: Still Abusing Microsoft Office Macros
Emotet
2022-06-23InQuestPedram Amini
Follina, the Latest in a Long Chain of Microsoft Office Exploits
2022-06-21BleepingComputerSergiu Gatlan
Microsoft Exchange servers hacked by new ToddyCat APT gang
ToddyCat
2022-06-16ESET ResearchRene Holt
How Emotet is changing tactics in response to Microsoft’s tightening of Office macro security
Emotet
2022-06-13MicrosoftMicrosoft Threat Intelligence
The many lives of BlackCat ransomware
BlackCat Velvet Tempest
2022-06-13MicrosoftMicrosoft 365 Defender Threat Intelligence Team
The many lives of BlackCat ransomware
BlackCat
2022-06-11Twitter (@MsftSecIntel)Microsoft Threat Intelligence
Tweet on DEV-0401, DEV-0234 exploiting Confluence RCE CVE-2022-26134
Kinsing Mirai Cobalt Strike Lilac Typhoon
2022-06-03TrustwaveTrustwave SpiderLabs
Trustwave's Action Response: Microsoft zero-day CVE-2022-30190 (aka Follina)
2022-06-02MicrosoftMicrosoft Digital Security Unit (DSU), Microsoft Threat Intelligence Center (MSTIC)
Exposing POLONIUM activity and infrastructure targeting Israeli organizations
POLONIUM