2023-09-12 ⋅ Security Intelligence ⋅ Email campaigns leverage updated DBatLoader to deliver RATs, stealers DBatLoader |
2023-06-06 ⋅ Security Intelligence ⋅ ITG10 Likely Targeting South Korean Entities of Interest to the Democratic People’s Republic of Korea (DPRK) RokRAT |
2023-04-14 ⋅ Security Intelligence ⋅ Ex-Conti and FIN7 Actors Collaborate with New Domino Backdoor Minodo |
2022-11-09 ⋅ Security Intelligence ⋅ Ransomware-as-a-Service Transforms Gangs Into Businesses Eternity Stealer |
2022-10-28 ⋅ Elastic ⋅ EMOTET dynamic config extraction Emotet |
2022-05-06 ⋅ Twitter (@MsftSecIntel) ⋅ Twitter Thread on initial infection of SocGholish/FAKEUPDATES campaigns lead to BLISTER Loader, CobaltStrike, Lockbit and followed by Hands On Keyboard activity FAKEUPDATES Blister Cobalt Strike LockBit |
2022-03-01 ⋅ Akamai ⋅ TCP Middlebox Reflection: Coming to a DDoS Near You |
2022-01-15 ⋅ Microsoft ⋅ Destructive malware targeting Ukrainian organizations (DEV-0586) WhisperGate DEV-0586 |
2021-12-15 ⋅ Security Intelligence ⋅ Nation State Threat Group Targets Airline with Aclip Backdoor |
2021-10-21 ⋅ Twitter (@MsftSecIntel) ⋅ Tweet on new variant of mac malware UpdateAgent/WizardUpdate Vigram |
2021-10-19 ⋅ Microsoft ⋅ Adware:MacOS/Adload.A |
2021-10-12 ⋅ Elastic ⋅ Going Coast to Coast - Climbing the Pyramid with the Deimos Implant Deimos |
2021-09-29 ⋅ Silent Push ⋅ Evaluating the Value of Security Intelligence Feeds with Silent Push |
2021-09-25 ⋅ Twitter (@MsftSecIntel) ⋅ Thread on Malicious Android apps posing as bank loan services are being widely distributed to targets in Asia Unidentified APK 006 |
2021-08-04 ⋅ Security Intelligence ⋅ ITG18: Operational Security Errors Continue to Plague Sizable Iranian Threat Group LittleLooter |
2021-07-27 ⋅ Elastic ⋅ Collecting and operationalizing threat data from the Mozi botnet Mozi |
2021-07-24 ⋅ Twitter (@MsftSecIntel) ⋅ Tweet on attackers increasingly using HTML smuggling in phishing and other email campaigns to deliver Casbaneiro Metamorfo |
2021-06-11 ⋅ Twitter (@MsftSecIntel) ⋅ Tweet on solarmarker/Jupyter malware solarmarker |
2021-05-20 ⋅ Twitter (@MsftSecIntel) ⋅ Tweet on Java-based STRRAT malware campaign distributed via email STRRAT |
2021-05-11 ⋅ Twitter (@MsftSecIntel) ⋅ Tweet on Snip3 crypter delivering AsyncRAT or AgentTesla Agent Tesla AsyncRAT |