Microsoft shifts to a new threat actor naming taxonomy. Microsoft is excited to announce that we are shifting to a new threat actor naming taxonomy aligned to the theme of weather.
Nation-state threat actor Mint Sandstorm refines tradecraft to attack high-value targets. Report on a mature and active subset of Mint Sandstorm quickly adopting and operationalizing exploits for newly reported, high-severity vulnerabilities to deploy custom malware in organizations of interest, including critical infrastructure.
Threat actors strive to cause Tax Day headaches. With U.S. Tax Day approaching, Microsoft has observed phishing attacks targeting accounting and tax return preparation firms to deliver the Remcos remote access trojan (RAT).
DEV-0196: QuaDream’s “KingsPawn” malware used to target civil society in Europe, North America, the Middle East, and Southeast Asia. Microsoft analyzes a threat group tracked as DEV-0196, the actor’s iOS malware “KingsPawn”, and their link to an Israel-based private sector offensive actor (PSOA) known as QuaDream, which reportedly sells a suite of exploits, malware, and infrastructure called REIGN that is designed to exfiltrate data from mobile devices.
MERCURY and DEV-1084: Destructive attack on hybrid environment. Microsoft detected a unique operation where threat actors had an extensive destructive impact on on-premises and cloud customer environments.
DevOps threat matrix: Categorizing and mapping techniques attackers use to target DevOps environments.