2022-12-21 | Microsoft | Microsoft Security Threat Intelligence
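% Corporate author: the inner braces keep the team name as one unit instead of a "First Last" personal name.
% Title: only case-sensitive names are braced, so a style may still apply its own casing. Citation key unchanged.
@online{intelligence:20221221:microsoft:3e9b011,
  author       = {{Microsoft Security Threat Intelligence}},
  title        = {{Microsoft} research uncovers new {Zerobot} capabilities},
  date         = {2022-12-21},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/en-us/security/blog/2022/12/21/microsoft-research-uncovers-new-zerobot-capabilities/},
  language     = {English},
  urldate      = {2022-12-29},
}
Microsoft research uncovers new Zerobot capabilities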
ZeroBot SparkRAT
2022-11-17 | Microsoft | Microsoft Security Threat Intelligence
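% Corporate author: the inner braces keep the team name as one unit instead of a "First Last" personal name.
% Title: the actor designation and the ransomware family name are braced to keep their case. Citation key unchanged.
@online{intelligence:20221117:dev0569:86675d7,
  author       = {{Microsoft Security Threat Intelligence}},
  title        = {{DEV-0569} finds new ways to deliver {Royal} ransomware, various payloads},
  date         = {2022-11-17},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/en-us/security/blog/2022/11/17/dev-0569-finds-new-ways-to-deliver-royal-ransomware-various-payloads/},
  language     = {English},
  urldate      = {2023-01-05},
}
DEV-0569 finds new ways to deliver Royal ransomware, various payloads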
Royal Ransom
2022-10-27 | Microsoft | Microsoft Security Threat Intelligence
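% Corporate author: the inner braces keep the team name as one unit instead of a "First Last" personal name.
% Title: only the malware name is braced to keep its case. Citation key unchanged.
@online{intelligence:20221027:raspberry:b6d1ce4,
  author       = {{Microsoft Security Threat Intelligence}},
  title        = {{Raspberry Robin} worm part of larger ecosystem facilitating pre-ransomware activity},
  date         = {2022-10-27},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/en-us/security/blog/2022/10/27/raspberry-robin-worm-part-of-larger-ecosystem-facilitating-pre-ransomware-activity/},
  language     = {English},
  urldate      = {2023-03-13},
}
Raspberry Robin worm part of larger ecosystem facilitating pre-ransomware activity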
FAKEUPDATES BumbleBee Fauppod PhotoLoader Raspberry Robin Roshtyak
2022-10-25 | Microsoft | Microsoft Security Threat Intelligence
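% Corporate author: the inner braces keep the team name as one unit instead of a "First Last" personal name.
% Title: the actor designation, the group name and the acronym are braced to keep their case. Citation key unchanged.
@online{intelligence:20221025:dev0832:5d16a04,
  author       = {{Microsoft Security Threat Intelligence}},
  title        = {{DEV-0832} ({Vice Society}) opportunistic ransomware campaigns impacting {US} education sector},
  date         = {2022-10-25},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/en-us/security/blog/2022/10/25/dev-0832-vice-society-opportunistic-ransomware-campaigns-impacting-us-education-sector/},
  language     = {English},
  urldate      = {2023-02-03},
}
DEV-0832 (Vice Society) opportunistic ransomware campaigns impacting US education sector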
BlackCat Mount Locker Zeppelin
2022-10-22 | Microsoft | Microsoft Security Threat Intelligence
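% Corporate author: the inner braces keep the team name as one unit instead of a "First Last" personal name.
% Title: the actor designation and the ransomware name are braced to keep their case. Citation key unchanged.
@online{intelligence:20221022:dev0952:21116ee,
  author       = {{Microsoft Security Threat Intelligence}},
  title        = {{DEV-0952} deploys {Daixin} ransomware at hospitals},
  date         = {2022-10-22},
  organization = {Microsoft},
  url          = {https://community.riskiq.com/article/2f515d18},
  language     = {English},
  urldate      = {2022-10-24},
}
DEV-0952 deploys Daixin ransomware at hospitals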
2022-10-14 | Microsoft | Microsoft Security Threat Intelligence
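% Corporate author: the inner braces keep the team name as one unit instead of a "First Last" personal name.
% Title: the ransomware name and the country names are braced to keep their case. Citation key unchanged.
@online{intelligence:20221014:new:96a6fbd,
  author       = {{Microsoft Security Threat Intelligence}},
  title        = {New “{Prestige}” ransomware impacts organizations in {Ukraine} and {Poland}},
  date         = {2022-10-14},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2022/10/14/new-prestige-ransomware-impacts-organizations-in-ukraine-and-poland/},
  language     = {English},
  urldate      = {2022-10-14},
}
New “Prestige” ransomware impacts organizations in Ukraine and Poland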
Prestige
2022-10-05 | Microsoft | Microsoft Security Threat Intelligence
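% Corporate author: the inner braces keep the team name as one unit instead of a "First Last" personal name.
% Title: only the acronym is braced to keep its case. Citation key unchanged.
@online{intelligence:20221005:detecting:76c0e4f,
  author       = {{Microsoft Security Threat Intelligence}},
  title        = {Detecting and preventing {LSASS} credential dumping attacks},
  date         = {2022-10-05},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2022/10/05/detecting-and-preventing-lsass-credential-dumping-attacks/},
  language     = {English},
  urldate      = {2022-10-17},
}
Detecting and preventing LSASS credential dumping attacks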
2022-09-30 | Microsoft | Microsoft Security Threat Intelligence
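% Corporate author: the inner braces keep the team name as one unit instead of a "First Last" personal name.
% Title: the product name and both CVE identifiers are braced so no style can lowercase them. Citation key unchanged.
@online{intelligence:20220930:analyzing:115d508,
  author       = {{Microsoft Security Threat Intelligence}},
  title        = {Analyzing attacks using the {Exchange} vulnerabilities {CVE-2022-41040} and {CVE-2022-41082}},
  date         = {2022-09-30},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2022/09/30/analyzing-attacks-using-the-exchange-vulnerabilities-cve-2022-41040-and-cve-2022-41082},
  language     = {English},
  urldate      = {2022-10-17},
}
Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082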
2022-09-29 | Microsoft | Microsoft Security Threat Intelligence, LinkedIn Threat Prevention and Defense
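% Two corporate authors, each braced on its own: without the braces the " and " inside
% "LinkedIn Threat Prevention and Defense" is read as a name separator and yields a third, bogus author.
% Title: only the actor name is braced to keep its case. Citation key unchanged.
@online{intelligence:20220929:zinc:4b8e6c0,
  author       = {{Microsoft Security Threat Intelligence} and {LinkedIn Threat Prevention and Defense}},
  title        = {{ZINC} weaponizing open-source software},
  date         = {2022-09-29},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2022/09/29/zinc-weaponizing-open-source-software/},
  language     = {English},
  urldate      = {2023-11-14},
}
ZINC weaponizing open-source software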
BLINDINGCAN CLOUDBURST miniBlindingCan
2022-09-08 | Microsoft | Microsoft Security Threat Intelligence
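% Corporate author: the inner braces keep the team name as one unit instead of a "First Last" personal name.
% Title: the vendor name and the two nationality adjectives are braced to keep their case. Citation key unchanged.
@online{intelligence:20220908:microsoft:66fa6e4,
  author       = {{Microsoft Security Threat Intelligence}},
  title        = {{Microsoft} investigates {Iranian} attacks against the {Albanian} government},
  date         = {2022-09-08},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2022/09/08/microsoft-investigates-iranian-attacks-against-the-albanian-government},
  language     = {English},
  urldate      = {2022-09-13},
}
Microsoft investigates Iranian attacks against the Albanian government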
ZeroCleare
2022-09-07 | Microsoft | Microsoft Security Threat Intelligence
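% Corporate author: the inner braces keep the team name as one unit instead of a "First Last" personal name.
% Title: both actor designations are braced to keep their case. Citation key unchanged.
@online{intelligence:20220907:profiling:26b424d,
  author       = {{Microsoft Security Threat Intelligence}},
  title        = {Profiling {DEV-0270}: {PHOSPHORUS}’ ransomware operations},
  date         = {2022-09-07},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2022/09/07/profiling-dev-0270-phosphorus-ransomware-operations/},
  language     = {English},
  urldate      = {2022-09-13},
}
Profiling DEV-0270: PHOSPHORUS’ ransomware operations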