Clik here to view.
Ghost in the shell: Investigating web shell attacks
Recently, an organization in the public sector discovered that one of their internet-facing servers was misconfigured and allowed attackers to upload a web shell, which let the adversaries gain a...
View ArticleClik here to view.
ZINC attacks against security researchers
In recent months, Microsoft has detected cyberattacks targeting security researchers by an actor we track as ZINC. The campaign originally came to our attention after Microsoft Defender for Endpoint...
View ArticleClik here to view.
North Korean threat actor targets small and midsize businesses with H0lyGh0st...
April 2023 update – Microsoft Threat Intelligence has shifted to a new threat actor naming taxonomy aligned around the theme of weather. DEV-0530 is now tracked as Storm-0530 and PLUTONIUM is now...
View ArticleClik here to view.
ZINC weaponizing open-source software
April 2023 update – Microsoft Threat Intelligence has shifted to a new threat actor naming taxonomy aligned around the theme of weather. Zinc is now tracked as Diamond Sleet. To learn about how the...
View ArticleClik here to view.
Microsoft threat intelligence presented at CyberWarCon 2022
April 2023 update – Microsoft Threat Intelligence has shifted to a new threat actor naming taxonomy aligned around the theme of weather. BROMINE is now tracked as Ghost Blizzard DEV-0401 is now...
View ArticleClik here to view.
DEV-0139 launches targeted attacks against the cryptocurrency industry
April 2023 update – Microsoft Threat Intelligence has shifted to a new threat actor naming taxonomy aligned around the theme of weather. DEV-0139 is now tracked as Citrine Sleet. To learn about how...
View ArticleClik here to view.
Multiple North Korean threat actors exploiting the TeamCity CVE-2023-42793...
Since early October 2023, Microsoft has observed two North Korean nation-state threat actors – Diamond Sleet and Onyx Sleet – exploiting CVE-2023-42793, a remote-code execution vulnerability affecting...
View ArticleStaying ahead of threat actors in the age of AI
Over the last year, the speed, scale, and sophistication of attacks has increased alongside the rapid development and adoption of AI. Defenders are only beginning to recognize and apply the power of...
View Article
