Found 7 bookmarks
Custom sorting
New Star Blizzard spear-phishing campaign targets WhatsApp accounts | Microsoft Security Blog
New Star Blizzard spear-phishing campaign targets WhatsApp accounts | Microsoft Security Blog
In mid-November 2024, Microsoft Threat Intelligence observed the Russian threat actor we track as Star Blizzard sending their typical targets spear-phishing messages, this time offering the supposed opportunity to join a WhatsApp group. This is the first time we have identified a shift in Star Blizzard’s longstanding tactics, techniques, and procedures (TTPs) to leverage a […]
#microsoft#Threat#Intelligence#Star-Blizzard#WhatsApp#spear-phishing#campaign#research
·microsoft.com·
New Star Blizzard spear-phishing campaign targets WhatsApp accounts | Microsoft Security Blog
Star Blizzard increases sophistication and evasion in ongoing attacks
Star Blizzard increases sophistication and evasion in ongoing attacks
Microsoft Threat Intelligence continues to track and disrupt malicious activity attributed to a Russian state-sponsored actor we track as Star Blizzard, who has improved their detection evasion capabilities since 2022 while remaining focused on email credential theft against targets.
#microsoft#EN#2023#Threat#Intelligence#Star-Blizzard#attacks#analysis
·microsoft.com·
Star Blizzard increases sophistication and evasion in ongoing attacks
DEV-0537 criminal actor targeting organizations for data exfiltration and destruction
DEV-0537 criminal actor targeting organizations for data exfiltration and destruction
The activity we have observed has been attributed to a threat group that Microsoft tracks as DEV-0537, also known as LAPSUS$. DEV-0537 is known for using a pure extortion and destruction model without deploying ransomware payloads.
#microsoft#EN#2022#LAPSUS$#DEV-0537#extortion#research#activity#threat#group
·microsoft.com·
DEV-0537 criminal actor targeting organizations for data exfiltration and destruction
DEV-0537 criminal actor targeting organizations for data exfiltration and destruction
DEV-0537 criminal actor targeting organizations for data exfiltration and destruction
The activity we have observed has been attributed to a threat group that Microsoft tracks as DEV-0537, also known as LAPSUS$. DEV-0537 is known for using a pure extortion and destruction model without deploying ransomware payloads.
#microsoft#EN#2022#LAPSUS$#DEV-0537#extortion#research#activity#threat#group
·microsoft.com·
DEV-0537 criminal actor targeting organizations for data exfiltration and destruction
DEV-0537 criminal actor targeting organizations for data exfiltration and destruction
DEV-0537 criminal actor targeting organizations for data exfiltration and destruction
The activity we have observed has been attributed to a threat group that Microsoft tracks as DEV-0537, also known as LAPSUS$. DEV-0537 is known for using a pure extortion and destruction model without deploying ransomware payloads.
#microsoft#EN#2022#LAPSUS$#DEV-0537#extortion#research#activity#threat#group
·microsoft.com·
DEV-0537 criminal actor targeting organizations for data exfiltration and destruction