Click here to download all references as Bib-File.
2022-11-09 ⋅ Security Intelligence ⋅ Ransomware-as-a-Service Transforms Gangs Into Businesses Eternity Stealer |
2022-10-28 ⋅ Elastic ⋅ EMOTET dynamic config extraction Emotet |
2022-05-06 ⋅ Twitter (@MsftSecIntel) ⋅ Twitter Thread on initial infeciton of SocGholish/ FAKEUPDATES campaigns lead to BLISTER Loader, CobaltStrike, Lockbit and followed by Hands On Keyboard activity FAKEUPDATES Blister Cobalt Strike LockBit |
2022-03-01 ⋅ Akamai ⋅ TCP Middlebox Reflection: Coming to a DDoS Near You |
2022-01-15 ⋅ Microsoft ⋅ Destructive malware targeting Ukrainian organizations (DEV-0586) WhisperGate DEV-0586 |
2021-10-21 ⋅ Twitter (@MsftSecIntel) ⋅ Tweet on new variant of mac malware UpdateAgent/WizardUpdate Vigram |
2021-10-12 ⋅ Elastic ⋅ Going Coast to Coast - Climbing the Pyramid with the Deimos Implant Deimos |
2021-09-29 ⋅ Silent Push ⋅ Evaluating the Value of Security Intelligence Feeds with Silent Push |
2021-09-25 ⋅ Twitter (@MsftSecIntel) ⋅ Thread on Malicious Android apps posing as bank loan services are being widely distributed to targets in Asia Unidentified APK 006 |
2021-08-04 ⋅ Security Intelligence ⋅ ITG18: Operational Security Errors Continue to Plague Sizable Iranian Threat Group LittleLooter |
2021-07-27 ⋅ Elastic ⋅ Collecting and operationalizing threat data from the Mozi botnet Mozi |
2021-07-24 ⋅ Twitter (@MsftSecIntel) ⋅ Tweet on attackers increasingly using HTML smuggling in phishing and other email campaigns to deliver Casbaneiro Metamorfo |
2021-06-11 ⋅ Twitter (@MsftSecIntel) ⋅ Tweet on solarmarker/Jupyter malware solarmarker |
2021-05-20 ⋅ Twitter (@MsftSecIntel) ⋅ Tweet on Java-based STRRAT malware campaign distributed via email STRRAT |
2021-05-11 ⋅ Twitter (@MsftSecIntel) ⋅ Tweet on Snip3 crypter delivering AsyncRAT or AgentTesla Agent Tesla AsyncRAT |
2021-03-18 ⋅ SUPO Finnish Security Intelligence Service ⋅ Supo identified the cyber espionage operation against the parliament as APT31 APT31 |
2021-03-02 ⋅ Twitter (@MsftSecIntel) ⋅ Tweet on Gootkit malware campaign GootKit |
2020-12-13 ⋅ Microsoft ⋅ Trojan:MSIL/Solorigate.B!dha SUNBURST |
2020-10-06 ⋅ Twitter (@MsftSecIntel) ⋅ Tweet on TA505 threat actor exploiting Zerologon (CVE-2020-1472) Vulnerability |
2020-08-27 ⋅ Twitter (@MsftSecIntel) ⋅ Tweet on Anubis Stealer Anubis |