(Originally published on December 14, 2023 by Rubba Ashwas, Scott McFadden, and Manon Knoertzer) Hi, Microsoft 365 Insiders! Our names are Rubba, Scott, and Manon, and we’re Product Managers focused on collaborative experiences on web apps. We’re thrilled to announce that, based on your feedback, we have[…]
Read More
Earlier in Part 11 and Part 22 of this blog series, Microsoft Incident Response outlined the strategies, methodologies, and approaches that are used while performing a cyberthreat hunt in both pre- and post-compromised environments. This chapter outlines how Microsoft Incident Response, in collaboration with partner security teams, leverages[…]
Read More
Earlier in Part 11 and Part 22 of this blog series, Microsoft Incident Response outlined the strategies, methodologies, and approaches that are used while performing a cyberthreat hunt in both pre- and post-compromised environments. This chapter outlines how Microsoft Incident Response, in collaboration with partner security teams, leverages[…]
Read More
Earlier in Part 11 and Part 22 of this blog series, Microsoft Incident Response outlined the strategies, methodologies, and approaches that are used while performing a cyberthreat hunt in both pre- and post-compromised environments. This chapter outlines how Microsoft Incident Response, in collaboration with partner security teams, leverages[…]
Read More
Between April and July 2024, Microsoft observed Iranian state-sponsored threat actor Peach Sandstorm deploying a new custom multi-stage backdoor, which we named Tickler. Tickler has been used in attacks against targets in the satellite, communications equipment, oil and gas, as well as federal and state government sectors in[…]
Read More