Click here to download all references as Bib-File.•
2025-03-06
⋅
Twitter (@MsftSecIntel)
⋅
Tweet about Moonstone Sleet dropping Qilin ransomware Qilin |
2025-03-05
⋅
Microsoft
⋅
Silk Typhoon targeting IT supply chain |
2025-02-27
⋅
Microsoft
⋅
Disrupting a global cybercrime network abusing generative AI Storm-2139 |
2025-02-13
⋅
Microsoft
⋅
Storm-2372 conducts device code phishing campaign Storm-2372 |
2025-02-13
⋅
Volexity
⋅
Multiple Russian Threat Actors Targeting Microsoft Device Code Authentication |
2025-02-12
⋅
Microsoft
⋅
The BadPilot campaign: Seashell Blizzard subgroup conducts multiyear global access operation LocalOlive |
2025-02-11
⋅
EclecticIQ
⋅
Sandworm APT Targets Ukrainian Users with Trojanized Microsoft KMS Activation Tools in Cyber Espionage Campaigns Kalambur BACKORDER DCRat |
2025-02-11
⋅
Twitter (@MsftSecIntel)
⋅
Twitter Thread on a new Kimsuky tactic inciting admins to paste powershell |
2025-02-06
⋅
Microsoft
⋅
Code injection attacks using publicly disclosed ASP.NET machine keys |
2025-01-31
⋅
ConnectWise
⋅
Attackers Leveraging Microsoft Teams Defaults and Quick Assist for Social Engineering Attacks Black Basta Black Basta ReedBed |
2025-01-25
⋅
Sophos
⋅
Sophos MDR tracks two ransomware campaigns using “email bombing,” Microsoft Teams “vishing” ReedBed STAC5143 UNC4393 |
2025-01-21
⋅
Twitter (@MsftSecIntel)
⋅
Twitter Thread describing spotting of ReedBed in a Storm-1811 campaign ReedBed UNC4393 |
2025-01-16
⋅
Microsoft
⋅
New Star Blizzard spear-phishing campaign targets WhatsApp accounts |
2024-12-11
⋅
Microsoft
⋅
Frequent freeloader part II: Russian actor Secret Blizzard using tools of other groups to attack Ukraine Amadey Kazuar Wipbot FlyingYeti |
2024-12-04
⋅
Microsoft
⋅
Frequent freeloader part I: Secret Blizzard compromising Storm-0156 infrastructure for espionage Crimson RAT MiniPocket TwoDash Wainscot Operation C-Major Storm-0473 |
2024-12-02
⋅
TechSpot
⋅
Hacking group claims to have cracked Microsoft's software licensing security on a massive scale Massgrave |
2024-11-22
⋅
Microsoft
⋅
Microsoft shares latest intelligence on North Korean and Chinese threat actors at CYBERWARCON Storm-2077 |
2024-11-09
⋅
Youtube (Microsoft Security Response Center (MSRC))
⋅
BlueHat 2024: S17: MSTIC - A Threat Intelligence Year in Review Storm-0506 TA2101 |
2024-11-09
⋅
Microsoft
⋅
BlueHat 2024: S17: MSTIC - A Threat Intelligence Year in Review Storm-0826 |
2024-10-31
⋅
Microsoft
⋅
Chinese threat actor Storm-0940 uses credentials from password spray attacks from a covert network Storm-0940 |