Cyber Threat Intelligence
Threat Reports
Explore the latest cyber threat reports published by threat researchers and government agencies.
Silk Typhoon targeting IT supply chain
Silk Typhoon is a sophisticated Chinese state-sponsored espionage group tracked by Microsoft Threat Intelligence. The group has been identified as ...
Weathering the storm: In the midst of a Typhoon
Salt Typhoon is a highly sophisticated threat actor targeting the telecommunications sector, as detailed in this report from Cisco Talos. ...
From South America to Southeast Asia: The Fragile Web of REF7707
REF7707 is an advanced and persistent threat actor tracked by Elastic Security Labs. The group has been observed actively targeting the foreign ...
The BadPilot campaign: Seashell Blizzard subgroup conducts multiyear global access operation
This blog post by Microsoft Threat Intelligence describes the Seashell Blizzard intrusion set and specifically the BadPilot campaign. According to ...
Cyber Incidents
Explore cyber incidents which have been reported publicly.
2016 cyber attack against power transmission in Ukraine
2016-12-17
Operation ShadowHammer Supply Chain Incident
2019-01-31
2015 cyber attack against power distribution in Ukraine
2015-12-23
Summer 2023 Microsoft Exchange Online Intrusion
2023-05-15
Intrusion Sets
Understand the tactics, techniques and procedures (TTPs) of cyber adversaries operating in the wild.
Seashell Blizzard
Seashell Blizzard is an intrusion set tracked by Microsoft that has been active since at least 2013 and is known for its high-impact cyber ...
REF7707
REF7707 is an intrusion set tracked by Elastic Security Labs. According to researchers, the group is a highly capable, novel intrusion set with ...
RedJuliett
RedJuliett is a likely Chinese state-sponsored cyber threat actor tracked by Recorded Future. primarily engaged in cyber-espionage activities ...
Night Dragon
Night Dragon is a threat identified by McAfee in 2011 and reported as being active since at least 2009. McAfee describe the associated activity as ...
Threat Actors
Understand the tactics, techniques and procedures (TTPs) of real-world cyber threat actors.
North Korean Reconnaissance General Bureau 3rd Bureau
North Korea's Reconnaissance General Bureau (RGB) 3rd Bureau is reported by the FBI and other international agencies as an entity based in ...
Hainan Xiandun Technology Development Company
According to the US Department of Justice, Hainan Xiandun Technology Development Co. Ltd (Hainan Xiandun) was established as a front company by ...
People’s Liberation Army (PLA) Unit 69010
According to analysis by Recorded Future, Unit 69010 is likely the Military Unit Cover Designator (MUCD) for a Technical Reconnaissance Bureau ...
Hainan State Security Department
According to the US Department of Justice, Hainan State Security Department (HSSD) is a provincial arm of China’s Ministry of State Security ...
Exploited Vulnerabilities
Explore vulnerabilities which have been exploited 'in the wild'.