2023-11-22 ⋅ Microsoft ⋅ Diamond Sleet supply chain compromise distributes a modified CyberLink installer LambLoad
2023-10-18 ⋅ Microsoft ⋅ Multiple North Korean threat actors exploiting the TeamCity CVE-2023-42793 vulnerability FeedLoad ForestTiger HazyLoad RollSling
2023-09-12 ⋅ Microsoft ⋅ Malware distributor Storm-0324 facilitates ransomware access JSSLoader
2023-08-24 ⋅ Microsoft ⋅ Flax Typhoon using legitimate software to quietly access Taiwanese organizations
2023-08-02 ⋅ Microsoft ⋅ Midnight Blizzard conducts targeted social engineering over Microsoft Teams
2023-07-19 ⋅ Twitter (@MsftSecIntel) ⋅ Tweet on targeted attacks against the defense sector in Ukraine and Eastern Europe by the threat actor Secret Blizzard DeliveryCheck Kazuar
2023-07-14 ⋅ Microsoft ⋅ Analysis of Storm-0558 techniques for unauthorized email access
2023-06-14 ⋅ Microsoft ⋅ Cadet Blizzard emerges as a novel and distinct Russian threat actor p0wnyshell reGeorg WhisperGate
2023-05-24 ⋅ Microsoft ⋅ Volt Typhoon targets US critical infrastructure with living-off-the-land techniques Volt Typhoon
2023-04-19 ⋅ Microsoft ⋅ Exploring STRONTIUM's Abuse of Cloud Services FusionDrive
2023-04-18 ⋅ Microsoft ⋅ Nation-state threat actor PHOSPHORUS refines tradecraft to attack high-value targets Drokbk
2023-04-13 ⋅ Microsoft ⋅ Threat actors strive to cause Tax Day headaches CloudEyE Remcos
2023-04-11 ⋅ Microsoft ⋅ DEV-0196: QuaDream’s “KingsPawn” malware used to target civil society in Europe, North America, the Middle East, and Southeast Asia
2023-04-07 ⋅ Microsoft ⋅ MERCURY and DEV-1084: Destructive attack on hybrid environment DarkBit
2023-03-15 ⋅ Microsoft ⋅ A year of Russian hybrid warfare in Ukraine CaddyWiper DesertBlade DoubleZero HermeticWiper INDUSTROYER2 IsaacWiper PartyTicket SwiftSlicer WhisperGate
2023-03-13 ⋅ Microsoft ⋅ DEV-1101 enables high-volume AiTM campaigns with open-source phishing kit
2023-02-02 ⋅ YouTube (SLEUTHCON) ⋅ Lions, Tigers, and Infostealers - Oh my! RecordBreaker RedLine Stealer Vidar
2022-12-15 ⋅ Microsoft ⋅ MCCrash: Cross-platform DDoS botnet targets private Minecraft servers
2022-10-27 ⋅ Microsoft ⋅ Raspberry Robin worm part of larger ecosystem facilitating pre-ransomware activity FAKEUPDATES BumbleBee Clop Fauppod Raspberry Robin Roshtyak Silence
2022-10-10 ⋅ RiskIQ ⋅ DEV-0832 Leverages Commodity Tools in Opportunistic Ransomware Campaigns BlackCat Mount Locker SystemBC Zeppelin