Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2024-05-15MicrosoftMicrosoft Threat Intelligence
Threat actors misusing Quick Assist in social engineering attacks leading to ransomware
Black Basta Cobalt Strike QakBot
2024-04-22MicrosoftMicrosoft Threat Intelligence
Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials
GooseEgg
2024-04-04Twitter (@embee_research)Embee_research
TLS Certificate For Threat Intelligence - Identifying MatanBuchus Domains Through Hardcoded Certificate Values
Matanbuchus
2024-02-07MicrosoftMicrosoft Threat Intelligence
Iran surges cyber-enabled influence operations in support of Hamas
2024-02-06Group-IBThreat Intelligence
Dead-end job: ResumeLooters gang infects websites with XSS scripts and SQL injections to vacuum up job seekers' personal data and CVs
ResumeLooters
2024-01-25JSAC 2024Masafumi Takeda, Tomoya Furukawa
Threat Intelligence of Abused Public Post-Exploitation Frameworks
AsyncRAT DCRat Empire Downloader GRUNT Havoc Koadic Merlin PoshC2 Quasar RAT Sliver
2024-01-25MicrosoftMicrosoft Threat Intelligence
Midnight Blizzard: Guidance for responders on nation-state attack
UNC2452
2024-01-17MicrosoftMicrosoft Threat Intelligence
New TTPs observed in Mint Sandstorm campaign targeting high-profile individuals at universities and research orgs
MediaPI
2023-12-12MicrosoftMicrosoft Threat Intelligence
Threat actors misuse OAuth applications to automate financially driven attacks
Storm-1283 Storm-1286
2023-12-07MicrosoftMicrosoft Threat Intelligence
Star Blizzard increases sophistication and evasion in ongoing attacks
Callisto
2023-12-05PWCPwC Threat Intelligence
The Tortoise and The Malwahare
SnappyTCP
2023-12-01Twitter (@MsftSecIntel)Microsoft Threat Intelligence
Tweet on Danabot leading to cactus ransomware
Cactus DanaBot Storm-1044
2023-11-22MicrosoftMicrosoft Threat Intelligence
Diamond Sleet supply chain compromise distributes a modified CyberLink installer
LambLoad
2023-11-09MicrosoftMicrosoft Threat Intelligence
Microsoft shares threat intelligence at CYBERWARCON 2023
Blue Tsunami
2023-10-31InfobloxInfoblox Threat Intelligence Group
Prolific Puma: Shadowy Link Shortening Service Enables Cybercrime
Prolific Puma
2023-10-30CheckpointCheckpoint Research
30TH OCTOBER – THREAT INTELLIGENCE REPORT
SingularityMD
2023-10-18MicrosoftMicrosoft Threat Intelligence
Multiple North Korean threat actors exploiting the TeamCity CVE-2023-42793 vulnerability
FeedLoad ForestTiger HazyLoad RollSling Silent Chollima
2023-10-13Twitter (@MsftSecIntel)Microsoft Threat Intelligence
Tweet on Storm-1575 and Dadsec phishing platform
Storm-1575
2023-10-11Twitter (@MsftSecIntel)Microsoft Threat Intelligence
Tweet on Storm-0062 exploiting CVE-2023-22515
Storm-0062
2023-09-12MicrosoftMicrosoft Threat Intelligence
Malware distributor Storm-0324 facilitates ransomware access
JSSLoader Storm-0324