Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2025-03-06Twitter (@MsftSecIntel)Microsoft Threat Intelligence
Tweet about Moonstone Sleet dropping Qilin ransomware
Qilin
2025-03-05MicrosoftMicrosoft Threat Intelligence
Silk Typhoon targeting IT supply chain
2025-02-27MicrosoftSteven Masada
Disrupting a global cybercrime network abusing generative AI
Storm-2139
2025-02-13MicrosoftMicrosoft Threat Intelligence
Storm-2372 conducts device code phishing campaign
Storm-2372
2025-02-13VolexityCharlie Gardner, Steven Adair, Tom Lancaster
Multiple Russian Threat Actors Targeting Microsoft Device Code Authentication
2025-02-12MicrosoftMicrosoft Threat Intelligence
The BadPilot campaign: Seashell Blizzard subgroup conducts multiyear global access operation
LocalOlive
2025-02-11EclecticIQArda Büyükkaya
Sandworm APT Targets Ukrainian Users with Trojanized Microsoft KMS Activation Tools in Cyber Espionage Campaigns
Kalambur BACKORDER DCRat
2025-02-11Twitter (@MsftSecIntel)Microsoft Threat Intelligence
Twitter Thread on a new Kimsuky tactic inciting admins to paste powershell
2025-02-06MicrosoftMicrosoft Threat Intelligence
Code injection attacks using publicly disclosed ASP.NET machine keys
2025-01-31ConnectWiseBlake Eakin
Attackers Leveraging Microsoft Teams Defaults and Quick Assist for Social Engineering Attacks
Black Basta Black Basta ReedBed
2025-01-25SophosAnthony Bradshaw, Colin Cowie, Daniel Souter, Hunter Neal, Mark Parsons, Sean Baird, Sean Gallagher
Sophos MDR tracks two ransomware campaigns using “email bombing,” Microsoft Teams “vishing”
ReedBed STAC5143 UNC4393
2025-01-21Twitter (@MsftSecIntel)Microsoft Threat Intelligence
Twitter Thread describing spotting of ReedBed in a Storm-1811 campaign
ReedBed UNC4393
2025-01-16MicrosoftMicrosoft Threat Intelligence
New Star Blizzard spear-phishing campaign targets WhatsApp accounts
2024-12-11MicrosoftMicrosoft Threat Intelligence
Frequent freeloader part II: Russian actor Secret Blizzard using tools of other groups to attack Ukraine
Amadey Kazuar Wipbot FlyingYeti
2024-12-04MicrosoftMicrosoft Threat Intelligence
Frequent freeloader part I: Secret Blizzard compromising Storm-0156 infrastructure for espionage
Crimson RAT MiniPocket TwoDash Wainscot Operation C-Major Storm-0473
2024-12-02TechSpotAlfonso Maruccia
Hacking group claims to have cracked Microsoft's software licensing security on a massive scale
Massgrave
2024-11-22MicrosoftMicrosoft Threat Intelligence
Microsoft shares latest intelligence on North Korean and Chinese threat actors at CYBERWARCON
Storm-2077
2024-11-09Youtube (Microsoft Security Response Center (MSRC))Rachel Giacobozzi
BlueHat 2024: S17: MSTIC - A Threat Intelligence Year in Review
Storm-0506 TA2101
2024-11-09MicrosoftRachel Giacobozzi
BlueHat 2024: S17: MSTIC - A Threat Intelligence Year in Review
Storm-0826
2024-10-31MicrosoftMicrosoft Threat Intelligence
Chinese threat actor Storm-0940 uses credentials from password spray attacks from a covert network
Storm-0940

Select families...