Learn about Paul Melson's insights on running ScumBots & monitoring platforms where threat actors collaborate, and why he expects attackers to start buying insider threats, in this Microsoft Threat Intelligence Podcast episode with host Sherrod DeGrippo 🦓: msft.it/6010Yy3FE

Microsoft has identified longstanding activity by the Russian-based threat actor we track as Forest Blizzard using a custom tool we call GooseEgg to exploit CVE-2022-38028 in the Windows Print Spooler service to elevate permissions and steal credentials: msft.it/6014YG3oI

Microsoft has tracked at least 70 Russian actors engaged in Ukraine-focused disinformation campaigns concentrated on undermining support for Ukraine. Meanwhile, China seeks to exploit societal polarization and diminish faith in US democratic systems: msft.it/6013Y8noc

Microsoft has uncovered an attack that exploits critical vulnerabilities in OpenMetadata to gain access to Kubernetes workloads and leverage them for cryptomining activity. Get our analysis, IOCs, and investigation guidance: msft.it/6012YB57m