Join us at InfoSec Jupyterthon 2022

Credit to Author: Microsoft 365 Defender Threat Intelligence Team| Date: Tue, 22 Nov 2022 18:00:00 +0000

Join our community of analysts and engineers at the third annual InfoSec Jupyterthon 2022, an online event taking place on December 2 and 3, 2022.

The post Join us at InfoSec Jupyterthon 2022 appeared first on Microsoft Security Blog.

Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits

Credit to Author: Microsoft 365 Defender Threat Intelligence Team| Date: Wed, 27 Jul 2022 14:00:00 +0000

MSTIC and MSRC disclose technical details of a private-sector offensive actor (PSOA) tracked as KNOTWEED using multiple Windows and Adobe 0-day exploits, including one for the recently patched CVE-2022-22047, in limited and targeted attacks against European and Central American customers.

The post Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits appeared first on Microsoft Security Blog.

Exposing POLONIUM activity and infrastructure targeting Israeli organizations

Credit to Author: Microsoft 365 Defender Threat Intelligence Team| Date: Thu, 02 Jun 2022 16:00:00 +0000

Microsoft successfully detected and disabled attack activity abusing OneDrive by a previously undocumented Lebanon-based activity group Microsoft Threat Intelligence Center (MSTIC) tracks as POLONIUM.

The post Exposing POLONIUM activity and infrastructure targeting Israeli organizations appeared first on Microsoft Security Blog.

MSTICPy January 2022 hackathon highlights

Credit to Author: Microsoft 365 Defender Threat Intelligence Team| Date: Fri, 25 Feb 2022 17:00:00 +0000

In January 2022, MSTIC ran its inaugural hack month for the open-source Jupyter and Python Security Tools library, MSTICPy. This blog highlights some of the contributions.

The post MSTICPy January 2022 hackathon highlights appeared first on Microsoft Security Blog.

ACTINIUM targets Ukrainian organizations

Credit to Author: Microsoft 365 Defender Threat Intelligence Team| Date: Fri, 04 Feb 2022 18:00:00 +0000

The Microsoft Threat Intelligence Center (MSTIC) is sharing information on a threat group named ACTINIUM, which has been operational for almost a decade and has consistently pursued access to organizations in Ukraine or entities related to Ukrainian affairs. MSTIC previously tracked ACTINIUM activity as DEV-0157, and this group is also referred to publicly as Gamaredon.…

The post ACTINIUM targets Ukrainian organizations appeared first on Microsoft Security Blog.

Destructive malware targeting Ukrainian organizations

Credit to Author: Microsoft 365 Defender Threat Intelligence Team| Date: Sun, 16 Jan 2022 02:28:30 +0000

Microsoft Threat Intelligence Center (MSTIC) has identified evidence of a destructive malware operation targeting multiple organizations in Ukraine.

The post Destructive malware targeting Ukrainian organizations appeared first on Microsoft Security Blog.
