The Unified Audit Log can help build a full story of a threat actor’s activity in #Office365, but its sheer size and detail can be daunting. Are you equipped to hunt through this forensic artifact effectively? Read our latest blog to find out: https://t.co/wlKo7Rx9Wv
If you are in the security research or response field and interested in attending, please submit an application as soon as possible. Applications close January 6, 2023, or when all available passes have been allocated. Full details can be found here: https://t.co/Q8xjAkpNgo
📢 BlueHat 2023: Applications to Attend are NOW OPEN! 📢 If you are interested in attending @MSFTBlueHat in Redmond, WA, USA, Feb 8-9, 2023, please submit your application here: https://t.co/yYUPQtGfWl (Applications close Jan 6, 2023)
Threat actors are known to use malicious IIS extensions to open persistent backdoors in servers. As a follow-up to a blog on these threats, the Microsoft Detection and Response Team (DART) provides tips on logging and monitoring: https://t.co/PYpsIDToRQ
Threat actor tactics to bypass controls and compromise tokens present additional challenges to defenders. Microsoft DART outlines strategies for organizations to detect, mitigate, and respond to threats of this nature: https://t.co/8wArHoYnBp
Cybersecurity risk in mergers and acquisitions is an increasing issue for both IT security and business decision-makers. Read more about what we do at #MicrosoftDART: https://t.co/6r9jQnKP3L
This post-incident report details some of the TTPs seen in a recent ransomware incident. Learn about best practices from Microsoft Detection and Response Team (DART): https://t.co/jTVl5uaWku
Microsoft has detected social engineering campaigns targeting employees of orgs across industries in the US, UK, India, Russia. MSTIC attributes the campaigns to North Korea-based actor ZINC, which used multiple weaponized open-source software. More info: https://t.co/kqIYnTGg6u
Our latest blog details findings from our investigation in partnership with Microsoft Threat Intelligence Center (#MSTIC) on the cyberattacks against the Albanian government in mid-July. Read more: https://t.co/EV31QHqsoB
Microsoft Detection and Response Team (DART) was engaged to lead the investigation on destructive cyberattacks launched against the Albanian government in mid-July. We assess that the attack was launched by an Iranian state-sponsored actor. Full report: https://t.co/kEVIaVS28J
Microsoft has been tracking Iranian actor PHOSPHORUS’ ransomware sub-group known as DEV-0270, aka Nemesis Kitten. The group is responsible for multiple attacks typically using high-severity vulnerabilities to gain access. TTPs and more in our latest blog: https://t.co/DEi64NWRJE
Call for Consulting Security Services intern applications for Summer 2023. Are you ready to explore an exciting career in #cybersecurity? Come as you are, do what you love—start your journey with us today! https://t.co/Gcc4ajYl1I
We are inviting soon-to-be-graduating university students to apply for our #fulltime #jobopportunities at the #MicrosoftAspireExperience University Track at DART under the Security Services Line. Apply here: https://t.co/8xkVClZ56V
Microsoft has discovered a post-compromise capability we’re calling MagicWeb, which the threat actor tracked as NOBELIUM is using to maintain persistent access to environments they have compromised. In-depth technical analysis and hunting guidance here: https://t.co/30wpqqnzFe
Are you interested in learning how you can leverage Microsoft Security APIs for incident response? Part 1 of this 3-part series is now available: https://t.co/Os07Msgk1Q #MicrosoftDART #DFIR #IncidentResponse
Microsoft has disrupted activity by SEABORGIUM, a Russia-based actor launching persistent phishing, credential and data theft, intrusions, and hack-and-leak campaigns tied to espionage. More details + TTPs in this MSTIC blog: https://t.co/nVoF8GxrFQ