Microsoft Threat Intelligence @MsftSecIntel
We are Microsoft's global network of security experts. Follow for security research and threat intelligence. aka.ms/threatintelblog
Redmond, WA. Joined November 2010.
Tweets: 5K | Followers: 180K | Following: 1K | Likes: 2K
Learn about @pmelson's insights on running @ScumBots & monitoring platforms where threat actors collaborate, and why he expects attackers to start buying insider threats, in this Microsoft Threat Intelligence Podcast episode with host @sherrod_im: msft.it/6010Yy3FE
Microsoft has identified longstanding activity by the Russian-based threat actor we track as Forest Blizzard using a custom tool we call GooseEgg to exploit CVE-2022-38028 in the Windows Print Spooler service to elevate permissions and steal credentials: msft.it/6014YG3oI
Microsoft has tracked at least 70 Russian actors engaged in Ukraine-focused disinformation campaigns concentrated on undermining support for Ukraine. Meanwhile, China seeks to exploit societal polarization and diminish faith in US democratic systems: msft.it/6013Y8noc
Microsoft has uncovered an attack that exploits critical vulnerabilities in OpenMetadata to gain access to Kubernetes workloads and leverage them for cryptomining activity. Get our analysis, IOCs, and investigation guidance: msft.it/6012YB57m
In response to these actor activities, the ms-appinstaller URI scheme handler has been disabled by default in App Installer build 1.21.3421.0. Microsoft Security Response Blog has also published additional guidance (msrc.microsoft.com/blog/2023/12/m…).
Microsoft has observed threat actors, including financially motivated actors like Storm-0569, Storm-1113, Sangria Tempest, & Storm-1674, misusing the ms-appinstaller URI scheme (App Installer) to distribute malware. Get TTPs and protection info: msft.it/6019i5z9d
Very much advanced persistent crime vibes on Storm-0539 (gift card fraud via targeted-ish intrusions). Large holidays coming, and indications are this actor is increasing activity.
Microsoft has observed a significant surge in activity associated with the threat actor Storm-0539, known to target retail organizations for gift card fraud and theft using highly sophisticated email and SMS phishing during the holiday shopping season.
Be on the lookout for an increase in SMS-based phishing this holiday season. Lots of threat actors are using this technique, including Storm-0539.
US Government and Polish Government partners have released a CSA detailing TeamCity exploitation by Midnight Blizzard (NOBELIUM). CISA: cisa.gov/news-events/cy… Poland: gov.pl/web/baza-wiedz… Microsoft took steps to disrupt this track and disrupt this campaign. Details below.
Microsoft has taken steps to disrupt and mitigate a widespread campaign by the Russian nation-state threat actor Midnight Blizzard targeting TeamCity servers using the publicly available exploit for CVE-2023-42793.
Midnight Blizzard is at it again, this time targeting vulnerable TeamCity servers, disabling AV/EDR, deploying VaporRage, Mimikatz, DSinternals, rsockstun, etc. Microsoft Threat Intelligence: x.com/MsftSecIntel/s… CISA: cisa.gov/news-events/cy… CERT-PL: gov.pl/web/baza-wiedz…
Just in time for the holidays: A list of checks to prevent cyber-attacks motivated by financial gain. A comprehensive analysis of real-world cases, effective mitigation steps, thorough detection coverage, and practical hunting guidance.
Threat actors are misusing OAuth applications commonly used for automating business processes in their financially motivated attacks. Microsoft shares analysis of real-world cases, mitigation steps, detection coverage, and hunting guidance: msft.it/6011ipsUU
Star Blizzard (🇷🇺) is always rolling out unique ways to evade detection. Here's a fantastic update from the team on their latest moves... including a lot of TTPs & IOCs! More details in our Defender Threat Intelligence customer portal.
Microsoft continues to track and disrupt activity attributed to a Russian state-sponsored actor we track as Star Blizzard (SEABORGIUM), who has improved their evasion capabilities since 2022 while remaining focused on email credential theft. Get TTPs: msft.it/6014iR1f8
Microsoft Threat Intelligence is sharing additional intelligence on Star Blizzard (overlaps Calisto / ColdRiver), who is active in espionage and IO. UK NCSC has just attributed them to FSB Center 18. The blog details ongoing campaigns and evasion microsoft.com/en-us/security…
Some great guidance from my co-workers based on what we have been assisting customers with.
Properly configuring Microsoft Entra ID can help avoid cloud identity compromise that could lead to malicious attacks or even tenant destruction. The Microsoft Incident Response team provides guidance based on past engagements here: msft.it/6010iuKPK
We are often engaged with organizations that have lost complete control of their Microsoft Entra ID tenant, I wrote a comprehensive blog post on lessons learned from real world engagements to try to help reduce the risk of the same happening to you microsoft.com/en-us/security…
Really great collection of recommendations, best practices, and actionable intelligence derived from Microsoft IR engagements over the last year.
Together against cyberthreat‼️
The Polish Cyber Command (DKWOC) partnered with Microsoft to take action against Forest Blizzard actors, and to identify and mitigate techniques used by the actor. We thank DKWOC for their partnership and collaboration on this effort. msft.it/6019iPOLW
Understanding, detecting, and defending against a threat are effective but working with partners like Polish Cyber Command (DKWOC) to disrupt malicious activity is even better! Great work by our hunting teams. More details in the DKWOC write-up here...
Microsoft has identified a Russian-based nation-state threat actor tracked as Forest Blizzard (STRONTIUM, APT28, FANCYBEAR) actively exploiting CVE-2023-23397 to provide secret, unauthorized access to email accounts within Exchange servers: msft.it/6018iPOLm
Microsoft identified a Diamond Sleet software supply chain compromise impacting a trojanized CyberLink installer. More details in the blog here:
Microsoft has uncovered a supply chain attack by North Korean threat actor Diamond Sleet (ZINC) involving the modification of an installer file from software maker CyberLink. The payload calls back to attacker infrastructure for instructions. Learn more: msft.it/6013iHoQF
Microsoft identified a Diamond Sleet 🇰🇵 supply chain compromise involving a legitimate code signing certificate and a weaponized version of a CyberLink installer. Check the blog for details of the malware + IOCs ⬇️
New analysis on a supply chain attack by North Korea-based Diamond Sleet (🇰🇵) using the legitimate code signing cert and a modified installer file from software maker CyberLink. The payload includes time limit checks for execution and evades detection by security products.
Microsoft Threat Intelligence has uncovered a supply-chain intrusion carried out by Diamond Sleet (Zinc / Overlaps w/ Labyrinth Chollima and Temp.Hermit) leveraging a legitimate CyberLink application installer. Impacts spanning multiple countries/sectors microsoft.com/en-us/security…
Fascinating story about the time GPT4 was previewed at Bill Gates' house: "Last summer, Charlie Bell, who's our executive Vice President [for Microsoft Security], went to Bill Gates' house with the other senior leaders at Microsoft and got a preview of new AI technology that…
Arrived at #MSIgnite for my session with @sherrod_im. Come say hi! You know you’re in Seattle when the floor number is made of cassette tapes from the 90s!
The new era of security is here, and it is driven by the power of AI to help bring the advantage back to the defender. Today, we are excited to expand upon Microsoft’s Security vision for the future and share the latest generative AI announcements. 💜 aka.ms/IgniteFY24Secu…