Click here to download all references as Bib-File.•
| 2025-03-06
⋅
Twitter (@MsftSecIntel)
⋅
Tweet about Moonstone Sleet dropping Qilin ransomware Qilin |
| 2025-03-05
⋅
Microsoft
⋅
Silk Typhoon targeting IT supply chain |
| 2025-02-13
⋅
Microsoft
⋅
Storm-2372 conducts device code phishing campaign Storm-2372 |
| 2025-02-12
⋅
Microsoft
⋅
The BadPilot campaign: Seashell Blizzard subgroup conducts multiyear global access operation LocalOlive |
| 2025-02-11
⋅
Twitter (@MsftSecIntel)
⋅
Twitter Thread on a new Kimsuky tactic inciting admins to paste powershell |
| 2025-02-06
⋅
Microsoft
⋅
Code injection attacks using publicly disclosed ASP.NET machine keys |
| 2025-01-21
⋅
Twitter (@MsftSecIntel)
⋅
Twitter Thread describing spotting of ReedBed in a Storm-1811 campaign ReedBed UNC4393 |
| 2025-01-16
⋅
Microsoft
⋅
New Star Blizzard spear-phishing campaign targets WhatsApp accounts |
| 2024-12-26
⋅
⋅
Weixin
⋅
Analysis of the attack activities of APT-C-26 (Lazarus) using weaponized IPMsg software ComeBacker |
| 2024-12-11
⋅
Microsoft
⋅
Frequent freeloader part II: Russian actor Secret Blizzard using tools of other groups to attack Ukraine Amadey Kazuar Wipbot FlyingYeti |
| 2024-12-04
⋅
Microsoft
⋅
Frequent freeloader part I: Secret Blizzard compromising Storm-0156 infrastructure for espionage Crimson RAT MiniPocket TwoDash Wainscot Operation C-Major Storm-0473 |
| 2024-11-22
⋅
Microsoft
⋅
Microsoft shares latest intelligence on North Korean and Chinese threat actors at CYBERWARCON Storm-2077 |
| 2024-11-09
⋅
Youtube (Microsoft Security Response Center (MSRC))
⋅
BlueHat 2024: S17: MSTIC - A Threat Intelligence Year in Review Storm-0506 TA2101 |
| 2024-11-09
⋅
Microsoft
⋅
BlueHat 2024: S17: MSTIC - A Threat Intelligence Year in Review Storm-0826 |
| 2024-10-31
⋅
Microsoft
⋅
Chinese threat actor Storm-0940 uses credentials from password spray attacks from a covert network Storm-0940 |
| 2024-10-29
⋅
Microsoft
⋅
Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files |
| 2024-10-17
⋅
Microsoft Security
⋅
New macOS vulnerability, “HM Surf”, could lead to unauthorized data access |
| 2024-10-15
⋅
⋅
Weixin
⋅
Analysis of the attack activities of APT-C-35 (belly brain worm) against a manufacturing company in South Asia Unidentified 117 (Donot Loader) |
| 2024-10-12
⋅
Qianxin
⋅
Bitter Group Launches New Trojan Miyarat, Domestic Users Become Primary Ttargets MiyaRAT |
| 2024-10-09
⋅
Recorded Future
⋅
Outmaneuvering Rhysida: How Advanced Threat Intelligence Shields Critical Infrastructure from Ransomware Broomstick Rhysida |