Threat Actors

Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials

April 23, 2024

Microsoft Threat Intelligence is publishing results of our longstanding investigation into activity by the Russian-based threat actor Forest Blizzard (STRONTIUM)...

Star Blizzard increases sophistication and evasion in ongoing attacks

March 11, 2024

Microsoft Threat Intelligence continues to track and disrupt malicious activity attributed to a Russian state-sponsored actor we track as Star...

Staying ahead of threat actors in the age of AI

March 11, 2024

Over the last year, the speed, scale, and sophistication of attacks has increased alongside the rapid development and adoption of...

New TTPs observed in Mint Sandstorm campaign targeting high-profile individuals at universities and research orgs

March 11, 2024

Since November 2023, Microsoft has observed a distinct subset of Mint Sandstorm (PHOSPHORUS) targeting high-profile individuals working on Middle Eastern...

Midnight Blizzard: Guidance for responders on nation-state attack

March 11, 2024

The Microsoft security team detected a nation-state attack on our corporate systems on January 12, 2024, and immediately activated our...

CISA Reveals JCDC’s 2024 Cybersecurity Priorities

February 14, 2024

The US Cybersecurity and Infrastructure Security Agency (CISA) has revealed its 2024 priorities for the Joint Cyber Defense Collaborative (JCDC),...

X Makes Passkeys Available for US-Based Users

January 25, 2024

Social media giant X (formerly Twitter) has made passkeys available as a login option for US-based users on iOS.A post...

OpenAI Announces Plans to Combat Misinformation Amid 2024 Elections

January 18, 2024

With elections expected to occur in over 50 countries in 2024, the misinformation threat will be top of mind.OpenAI, the...

Phishing Spree Targets Zimbra Collaboration Account Holders

August 18, 2023

Cybersecurity researchers at ESET have exposed an ongoing mass-spreading phishing campaign that explicitly targets Zimbra Collaboration email server users. The...

Threat Actors

Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials

Star Blizzard increases sophistication and evasion in ongoing attacks

Staying ahead of threat actors in the age of AI

New TTPs observed in Mint Sandstorm campaign targeting high-profile individuals at universities and research orgs

Midnight Blizzard: Guidance for responders on nation-state attack

CISA Reveals JCDC’s 2024 Cybersecurity Priorities

X Makes Passkeys Available for US-Based Users

OpenAI Announces Plans to Combat Misinformation Amid 2024 Elections

Phishing Spree Targets Zimbra Collaboration Account Holders

CISA: CISA and FBI Release Secure by Design Alert to Urge Manufacturers to Eliminate Directory Traversal Vulnerabilities

CISA: CISA Releases Three Industrial Control Systems Advisories

CISA: CISA and Partners Release Fact Sheet on Defending OT Operations Against Ongoing Pro-Russia Hacktivist Activity

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CERT/CC Reports R Programming Language Vulnerability

You may have missed