Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-09-21MicrosoftMicrosoft Detection and Response Team (DART), Microsoft Security Experts
The art and science behind Microsoft threat hunting: Part 2
2022-09-08MicrosoftMicrosoft Detection and Response Team (DART), Microsoft Security Experts
The art and science behind Microsoft threat hunting: Part 1
2022-08-24MicrosoftDetection and Response Team (DART), Microsoft 365 Defender Team, Microsoft Threat Intelligence Center (MSTIC)
MagicWeb: NOBELIUM’s post-compromise trick to authenticate as anyone
2022-04-12Microsoft SecurityDetection and Response Team (DART)
Tarrask malware uses scheduled tasks for defense evasion
Godzilla Webshell
2022-03-22MicrosoftDetection and Response Team (DART), Microsoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
DEV-0537 (UNC3661) criminal actor targeting organizations for data exfiltration and destruction
RedLine Stealer LAPSUS
2022-03-11MicrosoftMicrosoft Detection and Response Team (DART)
Part 2: LockBit 2.0 ransomware bugs and database recovery attempts
LockBit
2022-03-11MicrosoftMicrosoft Detection and Response Team (DART)
Part 1: LockBit 2.0 ransomware bugs and database recovery attempts
LockBit
2022-01-15MicrosoftMicrosoft, Microsoft 365 Defender Threat Intelligence Team, Microsoft Detection and Response Team (DART), Microsoft Digital Security Unit (DSU), Microsoft Security Intelligence
Destructive malware targeting Ukrainian organizations (DEV-0586)
WhisperGate DEV-0586
2022-01-04MicrosoftMicrosoft Detection and Response Team (DART)
Leveraging the Power of KQL in Incident Response
2021-12-06MandiantAshraf Abdalhalim, Ben Read, Doug Bienstock, Gabriella Roncone, Jonathan Leathery, Josh Madeley, Juraj Sucik, Luis Rocha, Luke Jenkins, Manfred Erjak, Marius Fodoreanu, Microsoft Detection and Response Team (DART), Microsoft Threat Intelligence Center (MSTIC), Mitchell Clarke, Parnian Najafi, Sarah Hawley, Wojciech Ledzion
Suspected Russian Activity Targeting Government and Business Entities Around the Globe (UNC2452)
Cobalt Strike CryptBot
2021-10-26MicrosoftDetection and Response Team (DART)
Protect your business from password sprays with Microsoft DART recommendations
2021-09-27MicrosoftDetection and Response Team (DART)
A guide to combatting human-operated ransomware: Part 2
2021-09-20MicrosoftDetection and Response Team (DART)
A guide to combatting human-operated ransomware: Part 1
2021-02-11MicrosoftDetection and Response Team (DART), Microsoft 365 Defender Research Team
Web shell attacks continue to rise
2020-12-21MicrosoftDetection and Response Team (DART)
Advice for incident responders on recovery from systemic identity compromises