Destructive malware targeting Ukrainian organizations
June 2023 update – For more information about Cadet Blizzard’s tooling, victimology, and motivation, read this blog: Cadet Blizzard emerges as a novel and distinct Russian threat actor | Microsoft...
View ArticleACTINIUM targets Ukrainian organizations
April 2023 update – Microsoft Threat Intelligence has shifted to a new threat actor naming taxonomy aligned around the theme of weather. ACTINIUM is now tracked as Aqua Blizzard and DEV-0586 is now...
View ArticleDisrupting SEABORGIUM’s ongoing phishing operations
April 2023 update – Microsoft Threat Intelligence has shifted to a new threat actor naming taxonomy aligned around the theme of weather. SEABORGIUM is now tracked as Star Blizzard and ACTINIUM is now...
View ArticleMagicWeb: NOBELIUM’s post-compromise trick to authenticate as anyone
April 2023 update – Microsoft Threat Intelligence has shifted to a new threat actor naming taxonomy aligned around the theme of weather. NOBELIUM is now tracked as Midnight Blizzard. To learn about...
View ArticleNew “Prestige” ransomware impacts organizations in Ukraine and Poland
April 2023 update – Microsoft Threat Intelligence has shifted to a new threat actor naming taxonomy aligned around the theme of weather. IRIDIUM is now tracked as Seashell Blizzard. To learn about how...
View ArticleCadet Blizzard emerges as a novel and distinct Russian threat actor
As Russia’s invasion of Ukraine continues into its second year and Microsoft continues to collaborate with global partners in response, the exposure of destructive cyber capabilities and information...
View ArticleMidnight Blizzard conducts targeted social engineering over Microsoft Teams
Microsoft Threat Intelligence has identified highly targeted social engineering attacks using credential theft phishing lures sent as Microsoft Teams chats by the threat actor that Microsoft tracks as...
View ArticleMicrosoft shares threat intelligence at CYBERWARCON 2023
At the CYBERWARCON 2023 conference, Microsoft and LinkedIn analysts are presenting several sessions detailing analysis across multiple sets of threat actors and related activity. This blog is intended...
View ArticleStar Blizzard increases sophistication and evasion in ongoing attacks
Microsoft Threat Intelligence continues to track and disrupt malicious activity attributed to a Russian state-sponsored actor we track as Star Blizzard (formerly SEABORGIUM, also known as COLDRIVER...
View ArticleStaying ahead of threat actors in the age of AI
Over the last year, the speed, scale, and sophistication of attacks has increased alongside the rapid development and adoption of AI. Defenders are only beginning to recognize and apply the power of...
View Article
More Pages to Explore .....