Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits

MSTIC and MSRC disclose technical details of a private-sector offensive actor (PSOA) tracked as KNOTWEED using multiple Windows and Adobe 0-day exploits, including one for the recently patched CVE-2022-22047, in limited and targeted attacks against European and Central American customers.
The post Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits appeared first on Microsoft Security Blog.

Exposing POLONIUM activity and infrastructure targeting Israeli organizations

Microsoft successfully detected and disabled attack activity abusing OneDrive by a previously undocumented Lebanon-based activity group Microsoft Threat Intelligence Center (MSTIC) tracks as POLONIUM.
The post Exposing POLONIUM activity and infrastructure targeting Israeli organizations appeared first on Microsoft Security Blog.

ACTINIUM targets Ukrainian organizations

The Microsoft Threat Intelligence Center (MSTIC) is sharing information on a threat group named ACTINIUM, which has been operational for almost a decade and has consistently pursued access to organizations in Ukraine or entities related to Ukrainian affairs.
The post ACTINIUM targets Ukrainian organizations appeared first on Microsoft Security Blog.

Destructive malware targeting Ukrainian organizations

Microsoft Threat Intelligence Center (MSTIC) has identified evidence of a destructive malware operation targeting multiple organizations in Ukraine.
The post Destructive malware targeting Ukrainian organizations appeared first on Microsoft Security Blog.

NICKEL targeting government organizations across Latin America and Europe

China-based threat actor NICKEL has been targeting governments, diplomatic entities, and non-governmental organizations (NGOs) across Central and South America, the Caribbean, and Europe. Today, Microsoft announced the successful seizure of a set of NICKEL-operated websites and disruption of ongoing attacks.
The post NICKEL targeting government organizations across Latin America and Europe appeared first on Microsoft Security Blog.

Join us at InfoSec Jupyterthon 2021

We’re excited to invite our community of infosec analysts and engineers to the second annual InfoSec Jupyterthon taking place on December 2-3, 2021. This is an online event organized by Open Threat Research Forge together with Microsoft Threat Intelligence Center (MSTIC).
The post Join us at InfoSec Jupyterthon 2021 appeared first on Microsoft Security Blog.

Iranian targeting of IT sector on the rise

Microsoft has observed multiple Iranian threat actors targeting the IT services sector in attacks that aim to steal sign-in credentials belonging to downstream customer networks to enable further attacks.
The post Iranian targeting of IT sector on the rise appeared first on Microsoft Security Blog.

Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021

Over the past year, the Microsoft Threat Intelligence Center (MSTIC) has observed a gradual evolution of the tools, techniques, and procedures employed by malicious network operators based in Iran. This blog summarizes our analysis of trends in Iranian nation state actor activity and demonstrates MSTIC’s ongoing efforts to track these actors and protect customers from the related threats.
The post Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021 appeared first on Microsoft Security Blog.