Microsoft has released new comprehensive security updates for all supported versions of SharePoint Server (Subscription Edition, 2019, and 2016) that protect customers against these new vulnerabilities. msft.it/6045sE1ux
Excellent work by Mandiant and crew! Great blog!
MSTIC is hiring in the UK and EU for entry level and senior analyst roles!
jobs.careers.microsoft.com/global/en/jo...
jobs.careers.microsoft.com/global/en/jo...
Be sure to check out part 2!
Frequent freeloader part II: Russian actor Secret Blizzard using tools of other groups to attack Ukraine
www.microsoft.com/en-us/securi...
jobs.careers.microsoft.com/global/en/jo...
jobs.careers.microsoft.com/global/en/jo...
MSTIC is hiring! Current roles in US and AU.
The Microsoft Threat Intelligence Center (MSTIC) is recruiting experienced nation-state threat hunters with highly honed threat intel analysis skills. MSTIC is responsible for delivering timely threat intelligence across our product & services teams.
Excellent work by the team!
Another fascinating example of Secret Blizzard using “the tools/infrastructure of at least six other threat actors during the past seven years”
New, by me: Security researchers say North Korean hackers, posing as VCs, recruiters, and remote IT workers, have infiltrated "hundreds of organizations" and stolen billions of crypto in recent years to fund the regime's nuke program.
My dispatch from Cyberwarcon: techcrunch.com/2024/11/28/n...
Every holiday season I do a “security tune up” across all my accounts to ensure I’m making use of the best new security features.
What features / tech should I prioritize this year?
We are generally way too overconfident in understanding adversary intent.
Activity is straightforward, attribution is tricky and intent is often opaque and relies on organizational politics and bureacracy inside organizations.
One of my favorite aspects about @cyberwarcon.bsky.social is how it’s a yearly homecoming for a group of people with the primary focus of making a positive impact in the digital domain.
Regardless of healthy business competition, there’s a shared camaraderie being in the fight together.
Can’t forget to shout out these three GOATs who presented on Storm-2077 today!
James crushing it as always. But what’s even better is getting to work alongside of him each day. An amazing teammate and friend!
James Elliott absolutely crushing the last talk of the day at #CYBERWARCON.
Doppelgänger insight from Meta: Professional/contracted IO has two audiences: the target of the campaign and those who hired them (Kremlin)
Made a list of accounts at @cyberwarcon.bsky.social to make it easier to follow along: bsky.app/profile/did:...
As always, great insights from Josh and Pratik at Google TAG on IRGC operations. #cyberwarcon
Find out more on what MSTIC plans to present at CyberWarCon today!
www.microsoft.com/en-us/securi...
The DPRK IT Worker apparatus is a well oiled machine. Few grasp the depth of how many pieces enable these operations.
There's been a lot of attention on the Salt Typhoon intrusions. Don't forget the Volt Typhoon prepositioning is still a major problem as well!
www.tenable.com/blog/volt-ty...
Excited to support my teammates as they share fascinating insights into threat actors from North Korea and China. Don’t miss these!
It’s CYBERWARCON week!!!
CTI homecoming is here!
We have liberated this image from the oppressors @cyberwarcon.bsky.social
One of the most fascinating aspects of following DPRK threat actors is observing leading indicators from numerous intrusion sets target the same technology months before an announcement.
