2023-05-24 ⋅ Microsoft ⋅ Volt Typhoon targets US critical infrastructure with living-off-the-land techniques
2023-04-19 ⋅ Microsoft ⋅ Exploring STRONTIUM's Abuse of Cloud Services FusionDrive
2023-04-18 ⋅ Microsoft ⋅ Nation-state threat actor PHOSPHORUS refines tradecraft to attack high-value targets Drokbk
2023-04-13 ⋅ Microsoft ⋅ Threat actors strive to cause Tax Day headaches CloudEyE Remcos
2023-04-11 ⋅ Microsoft ⋅ DEV-0196: QuaDream’s “KingsPawn” malware used to target civil society in Europe, North America, the Middle East, and Southeast Asia
2023-04-07 ⋅ Microsoft ⋅ MERCURY and DEV-1084: Destructive attack on hybrid environment DarkBit
2023-03-15 ⋅ Microsoft ⋅ A year of Russian hybrid warfare in Ukraine CaddyWiper DesertBlade DoubleZero HermeticWiper INDUSTROYER2 IsaacWiper PartyTicket SwiftSlicer WhisperGate
2023-03-13 ⋅ Microsoft ⋅ DEV-1101 enables high-volume AiTM campaigns with open-source phishing kit
2023-02-02 ⋅ YouTube (SLEUTHCON) ⋅ Lions, Tigers, and Infostealers - Oh my! RecordBreaker RedLine Stealer Vidar
2022-10-10 ⋅ RiskIQ ⋅ DEV-0832 Leverages Commodity Tools in Opportunistic Ransomware Campaigns BlackCat Mount Locker SystemBC Zeppelin
2022-08-25 ⋅ Microsoft ⋅ MERCURY leveraging Log4j 2 vulnerabilities in unpatched systems to target Israeli organizations MimiKatz
2022-08-24 ⋅ Microsoft ⋅ MagicWeb: NOBELIUM’s post-compromise trick to authenticate as anyone
2022-08-15 ⋅ Microsoft ⋅ Disrupting SEABORGIUM’s ongoing phishing operations Callisto
2022-08-15 ⋅ Microsoft ⋅ Disrupting SEABORGIUM’s ongoing phishing operations
2022-07-29 ⋅ RiskIQ ⋅ Falling Into a Nest of Vipers or: "Why'd it have to be snakes?" (Microsoft Threat Intelligence Brief)
2022-07-27 ⋅ Microsoft ⋅ Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits Subzero
2022-07-14 ⋅ Microsoft ⋅ North Korean threat actor (H0lyGh0st /DEV-0530) targets small and midsize businesses with H0lyGh0st ransomware SiennaBlue SiennaPurple
2022-07-12 ⋅ Microsoft ⋅ From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud
2022-07-05 ⋅ Microsoft ⋅ Hive ransomware gets upgrades in Rust Hive
2022-06-02 ⋅ Microsoft ⋅ Exposing POLONIUM activity and infrastructure targeting Israeli organizations POLONIUM