Common Information
| Type | Value |
|---|---|
| Value |
UNC2452 |
| Category | |
| Type | Mandiant Uncategorized Groups |
| Misp Type | |
| Description |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2024-11-01 | 2 | Microsoft Warns: Midnight Blizzard's Ongoing Spear-Phishing Campaign with RDP Files | ||
| Details | Website | 2024-11-01 | 79 | Understanding and Mitigating Midnight Blizzard's RDP-Based Spearphishing Campaign | ||
| Details | Website | 2024-10-31 | 3 | Russian hackers deliver malicious RDP configuration files to thousands | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting | ||
| Details | Website | 2024-10-31 | 3 | 俄罗斯 Cozy Bear 黑客使用 Microsoft、AWS 诱饵对关键部门进行网络钓鱼-安全客 - 安全资讯平台 | ||
| Details | Website | 2024-10-30 | 3 | Russian Cozy Bear Hackers Phish Critical Sectors with Microsoft, AWS Lures | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting | ||
| Details | Website | 2024-10-30 | 3 | A Deep-Dive into Russian Midnight Blizzard’s Campaign that Targeted Ukrainian Military, Government | ||
| Details | Website | 2024-10-09 | 1 | Cybersecurity Supply chain risks and mitigations | ||
| Details | Website | 2024-09-24 | 9 | Weekly News Round-up - SOS Intelligence | ||
| Details | Website | 2024-08-15 | 23 | Strategies Used by Adversaries to Steal Application Access Tokens | ||
| Details | Website | 2024-08-12 | 7 | 6 Threat Hunting Ideas You Can Use Today! | ||
| Details | Website | 2024-08-12 | 3 | Proxy VBScript Execution via CurrentVersion Registry Key | ||
| Details | Website | 2024-08-12 | 5 | Sibot Malware | ||
| Details | Website | 2024-08-12 | 2 | Attempted VBScript Stored in Non-Run CurrentVersion Registry Key Value | ||
| Details | Website | 2024-08-12 | 9 | BoomBox Downloader | ||
| Details | Website | 2024-08-12 | 3 | EnvyScout Dropper | ||
| Details | Website | 2024-08-12 | 3 | Suspicious rundll32 Execution | ||
| Details | Website | 2024-05-28 | 54 | High Value Malicious Domains. — Silent Push Threat Intelligence | ||
| Details | 2024-02-25 | 276 | Cyberwar 26 Feb 2024 | |||
| Details | 2024-01-29 | 20 | Threat Advisory | |||
| Details | 2023-12-14 | 71 | Threat Advisory | |||
| Details | Website | 2023-12-06 | 198 | Russia/Ukraine Update - December 2023 | ||
| Details | Website | 2023-10-05 | 43 | German Embassy Lure: Likely Part of Campaign Against NATO Aligned Ministries of Foreign Affairs | ||
| Details | Website | 2023-08-03 | 3 | Russia's 'Midnight Blizzard' Hackers Launch Flurry of Microsoft Teams Attacks | ||
| Details | Website | 2023-08-03 | 3 | Microsoft warns Teams users of new Russian-backed phishing attack | ||
| Details | Website | 2023-08-03 | 4 | Microsoft Teams users duped into passing on MFA codes |