2024-02-14
In collaboration, OpenAI and Microsoft Threat Intel conducted analysis on how state-aligned actors are using publicly available LLMs. Assessment is that they are exploring the capability — primarily using for productivity, and early-stage capability. https://www.microsoft.com/...
The Verge
Microsoft and OpenAI say hackers, including Russian, North Korean, Iranian, and Chinese-backed groups, are already using LLMs to refine and improve cyberattacks
Microsoft and OpenAI are revealing today that hackers are already using large language models like ChatGPT to refine and improve their existing cyberattacks.
2023-12-15
The Digital Crimes Unit (DCU)of Microsoft (w/Arkose Labs) has taken legal action against the individuals behind Storm-1152, the number one creator and seller of fraudulent Microsoft accounts. To date, Storm-1152 has created for sale ~750 million accts. https://blogs.microsoft.com/ ...
Wired
How Microsoft's 10-year-old Digital Crime Unit uses unique legal tactics and the company's technical reach to disrupt global cybercrime and state-backed actors
Ten years in, Microsoft's DCU has honed its strategy of using both unique legal tactics and the company's technical reach …
The Digital Crimes Unit (DCU)of Microsoft (w/Arkose Labs) has taken legal action against the individuals behind Storm-1152, the number one creator and seller of fraudulent Microsoft accounts. To date, Storm-1152 has created for sale ~750 million accts. https://blogs.microsoft.com/ ...
CyberScoop
Microsoft seizes US-based infrastructure and websites used by cybercrime group Storm-1152 that created ~750M fraudulent Microsoft accounts, after a court order
2023-12-14
The Digital Crimes Unit (DCU)of Microsoft (w/Arkose Labs) has taken legal action against the individuals behind Storm-1152, the number one creator and seller of fraudulent Microsoft accounts. To date, Storm-1152 has created for sale ~750 million accts. https://blogs.microsoft.com/ ...
CyberScoop
Microsoft seizes US-based infrastructure and websites used by cybercrime group Storm-1152 that created ~750M fraudulent Microsoft accounts, after a court order
Relying on a court order, the tech giant seized websites belonging to a top purveyor of fraudulent Microsoft accounts.
2023-12-09
Microsoft Threat Intelligence is sharing additional intelligence on Star Blizzard (overlaps Calisto / ColdRiver), who is active in espionage and IO. UK NCSC has just attributed them to FSB Center 18. The blog details ongoing campaigns and evasion https://www.microsoft.com/...
Wall Street Journal
The US and the UK accuse Russia's FSB of orchestrating a global hacking campaign since 2015 to interfere in UK elections and target US energy networks and spies
2023-12-08
Microsoft Threat Intelligence is sharing additional intelligence on Star Blizzard (overlaps Calisto / ColdRiver), who is active in espionage and IO. UK NCSC has just attributed them to FSB Center 18. The blog details ongoing campaigns and evasion https://www.microsoft.com/...
Wall Street Journal
The US and the UK accuse Russia's FSB of orchestrating a global hacking campaign since 2015 to interfere in UK elections and target US energy networks and spies
The cyberattacks also allegedly took aim at U.S. energy networks and American spies — LONDON—The U.S. and U.K. governments …
2023-12-07
Microsoft Threat Intelligence is sharing additional intelligence on Star Blizzard (overlaps Calisto / ColdRiver), who is active in espionage and IO. UK NCSC has just attributed them to FSB Center 18. The blog details ongoing campaigns and evasion https://www.microsoft.com/...
The Record
The UK accuses a unit of Russia's FSB of using cyberattacks in a “sustained but unsuccessful” campaign to undermine democratic institutions since 2015
The British government accused a unit of Russia's Federal Security Service (FSB) on Thursday of using cyberattacks in a …
2023-11-24
Microsoft Threat Intelligence has uncovered a supply-chain intrusion carried out by Diamond Sleet (Zinc / Overlaps w/ Labyrinth Chollima and Temp.Hermit) leveraging a legitimate CyberLink application installer. Impacts spanning multiple countries/sectors https://www.microsoft.com/...
BleepingComputer
Microsoft says North Korean group Lazarus has breached software company CyberLink and modified one of its installers to push malware in a supply-chain attack
Sergiu Gatlan / BleepingComputer :
2023-11-23
Microsoft Threat Intelligence has uncovered a supply-chain intrusion carried out by Diamond Sleet (Zinc / Overlaps w/ Labyrinth Chollima and Temp.Hermit) leveraging a legitimate CyberLink application installer. Impacts spanning multiple countries/sectors https://www.microsoft.com/...
BleepingComputer
Microsoft says North Korean group Lazarus has breached software company CyberLink and modified one of its installers to push malware in a supply-chain attack
Sergiu Gatlan / BleepingComputer :
2023-10-27
New blog from Microsoft Incident Response and Microsoft Threat Intel on Octo Tempest (overlaps with Scattered Spider and 0ktapus), a “financially motivated collective of native English-speaking threat actors”. Blog details observed TTPs across *many* intrusions. 1/3
BleepingComputer
Microsoft publishes a profile of Octo Tempest, a “dangerous” hacking group targeting organizations across tech, gaming, financial services, and other sectors
Microsoft has published a detailed profile of a native English-speaking threat actor with advanced social engineering capabilities …
2020-10-13
Shoutout to all of those who might be behind the scenes involved with this! There will be different opinions on what the “right” course of action is, but I applaud collaboration of intelligence/research ending in disruption. (1/2) https://www.washingtonpost.com/ ...
ZDNet
Microsoft, Symantec, ESET, and other tech companies orchestrated an attempt to take down the TrickBot malware botnet, which had infected 1M+ computers
FS-ISAC, ESET, Lumen's Black Lotus Labs, NTT, Symantec, and the Microsoft Defender team participated in the takedown.
2020-10-12
Shoutout to all of those who might be behind the scenes involved with this! There will be different opinions on what the “right” course of action is, but I applaud collaboration of intelligence/research ending in disruption. (1/2) https://www.washingtonpost.com/ ...
ZDNet
A coalition of tech companies, including Microsoft and Symantec, orchestrated a takedown of the TrickBot malware botnet, which had infected 1M+ computers
FS-ISAC, ESET, Lumen's Black Lotus Labs, NTT, Symantec, and the Microsoft Defender team participated in the takedown.