lazarusholic

Everyday is lazarus.dayβ

Microsoft threat intelligence presented at CyberWarCon 2022

2022-11-10, Microsoft
https://www.microsoft.com/en-us/security/blog/2022/11/10/microsoft-threat-intelligence-presented-at-cyberwarcon-2022/
#Zinc

Contents

At CyberWarCon 2022, Microsoft and LinkedIn analysts presented several sessions detailing analysis across multiple sets of actors and related activity. This blog is intended to summarize the content of the research covered in these presentations and demonstrates Microsoft Threat Intelligence Center’s (MSTIC) ongoing efforts to track threat actors, protect customers from the associated threats, and share intelligence with the security community.
The CyberWarCon sessions summarized below include:
“They are still berserk: Recent activities of BROMINE” – a lightning talk covering MSTIC’s analysis of BROMINE (aka Berserk Bear), recent observed activities, and potential changes in targeting and tactics.
“The phantom menace: A tale of Chinese nation-state hackers” – a deep dive into several of the Chinese nation-state actor sets, their operational security patterns, and case studies on related tactics, techniques, and procedures (TTPs).
“ZINC weaponizing open-source software” – a lighting talk on MSTIC and LinkedIn’s analysis of ZINC, a North Korea-based actor. This will be …